MAL-2025-36535 Malicious code in test-mlw2-umbos-loner (npm)

The package test-mlw2-umbos-loner was found to contain malicious code...

CVE-2020-36535

A vulnerability classified as critical has been found in MINMAX. This affects an unknown part of the file /newsDia.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely...

CVE-2025-36535 AutomationDirect MB-Gateway Missing Authentication for Critical Function

The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, or arbitrary code execution depending on the environment and exposed functionality...

CVE-2025-36535 AutomationDirect MB-Gateway Missing Authentication for Critical Function

The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, or arbitrary code execution depending on the environment and exposed functionality...

CVE-2025-36535

creationtimestamp| type| source ---|---|--- 2025-05-20 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-09 2025-05-21 18:06:37+00:00| exploited| https://t.me/informationsecuritychannel/53587 2025-05-21 20:08:47+00:00| seen|...

CVE-2024-36535

creationtimestamp| type| source ---|---|--- 2024-07-24 23:20:34+00:00| seen| Telegram/P7TKnyCoNukOxyA8ynGHLMVrEocGAOGPsqbf8qV4q32Og...

CVE-2024-36535

Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token...

Zoom Client < 5.14.10 Multiple Information Disclosure Vulnerabilities (ZSB-23031, ZSB-23034) - Mac OS X

Zoom Client is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Zoom Client < 5.14.10 Multiple Information Disclosure Vulnerabilities (ZSB-23031, ZSB-23034) - Windows

Zoom Client is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Zoom Client for Meetings < 5.14.10 Vulnerability (ZSB-23031)

The version of Zoom Client for Meetings installed on the remote host is prior to 5.14.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-23031 advisory. - Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enab...

Zoom Client < 5.14.10 Multiple Information Disclosure Vulnerabilities (ZSB-23031, ZSB-23034) - Linux

Zoom Client is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2023-36535

Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access...

CVE-2023-36535

CVE-2023-36535 affects Zoom Client for Meetings prior to 5.14.10. The issue arises from client-side enforcement of server-side security, potentially allowing an authenticated user to disclose information via network access. Zoom has released fixes; NCSC notes this vulnerability is addressed in Zo...

CVE-2021-36535

creationtimestamp| type| source ---|---|--- 2023-02-03 20:21:01+00:00| seen| https://t.me/cibsecurity/57481 2025-03-26 17:25:42+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8912...

CVE-2021-36535

CVE-2021-36535 describes a buffer overflow in Cesanta mJS 1.26. The issue affects the mjs_set_errorf path and can be triggered by a crafted .js file, leading to denial of service. The available connected documents corroborate the target as Cesanta mJS 1.26 and the impact as availability loss (DoS...

CVE-2021-36535

Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjsseterrorf...

CVE-2020-36535

creationtimestamp| type| source ---|---|--- 2022-06-07 22:31:22+00:00| seen| https://t.me/cibsecurity/43948...

CVE-2020-36535 MINMAX newsDia.php sql injection

A vulnerability classified as critical has been found in MINMAX. This affects an unknown part of the file /newsDia.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely...

CVE-2020-36535 MINMAX newsDia.php sql injection

A vulnerability classified as critical has been found in MINMAX. This affects an unknown part of the file /newsDia.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely...

CVE-2020-36535

MINMAX is affected by an SQL injection vulnerability in the newsDia.php page, triggered by manipulating the id parameter. Multiple connected sources (NVD, Red Hat, CNVD/CNNVD, CVE list, PRION, and others) describe this as a critical flaw that can be exploited remotely, impacting the handling of a...