Lucene search
K

17 matches found

OSV
OSV
added 2025/06/03 3:15 p.m.1 views

CVE-2025-36564

Dell Encryption Admin Utilities versions prior to 11.10.2 contain an Improper Link Resolution vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation...

7.8CVSS5.8AI score0.00113EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:36 p.m.8 views

CVE-2020-36564

Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...

7.5CVSS6.8AI score0.00722EPSS
Exploits0
Circl
Circl
added 2023/10/10 10:16 p.m.4 views

CVE-2023-36564

creationtimestamp| type| source ---|---|--- 2023-10-10 22:16:59+00:00| seen| https://t.me/cibsecurity/71999...

6.5CVSS7.1AI score0.01325EPSS
Exploits0References1
NVD
NVD
added 2023/10/10 6:15 p.m.22 views

CVE-2023-36564

Windows Search Security Feature Bypass Vulnerability...

6.5CVSS7.8AI score0.01325EPSS
Exploits0References1
CVE
CVE
added 2023/10/10 5:8 p.m.385 views

CVE-2023-36564

Technical details about CVE-2023-36564 are not publicly available in the provided documents. Monitor official advisories for updates on affected products, impact, and available fixes.

6.5CVSS7.8AI score0.01325EPSS
Exploits0References1Affected Software11
Circl
Circl
added 2022/12/28 12:11 a.m.5 views

CVE-2020-36564

creationtimestamp| type| source ---|---|--- 2022-12-28 00:11:52+00:00| seen| https://t.me/cibsecurity/55445 2025-04-11 16:51:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11467...

7.5CVSS7.1AI score0.00722EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/12/27 9:13 p.m.9 views

CVE-2020-36564 Improper input validation in github.com/justinas/nosurf

Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...

7.5AI score0.00722EPSS
Exploits0References3
CVE
CVE
added 2022/12/27 9:13 p.m.66 views

CVE-2020-36564

CVE-2020-36564 affects the Go package github.com/justinas/nosurf. The issue arises from improper validation of caller input: if the provided expected token is malformed, validation is silently disabled, causing any user-supplied token to be treated as valid. This undermines CSRF protection by eff...

7.5CVSS7.5AI score0.00722EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/12/27 9:13 p.m.18 views

CVE-2020-36564 Improper input validation in github.com/justinas/nosurf

Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...

7.5AI score0.00722EPSS
Exploits0References3
Circl
Circl
added 2022/08/31 12:36 a.m.4 views

CVE-2022-36564

creationtimestamp| type| source ---|---|--- 2022-08-31 00:36:13+00:00| seen| https://t.me/cibsecurity/49080...

8.8CVSS8.1AI score0.00814EPSS
Exploits0References1
OSV
OSV
added 2022/08/30 9:15 p.m.3 views

CVE-2022-36564

Incorrect access control in the install directory C:\Strawberry of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

8.8CVSS6.1AI score0.00814EPSS
Exploits0References1
NVD
NVD
added 2022/08/30 9:15 p.m.10 views

CVE-2022-36564

Incorrect access control in the install directory C:\Strawberry of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

8.8CVSS0.00814EPSS
Exploits0References1
CVE
CVE
added 2022/08/30 8:5 p.m.53 views

CVE-2022-36564

StrawberryPerl v5.32.1.1 and earlier are affected by CVE-2022-36564 due to improper access control in the install directory (C:\Strawberry). An authenticated attacker can exploit this by overwriting binaries in the directory to execute arbitrary code. Affected component: installation directory ac...

8.8CVSS8.8AI score0.00814EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/08/30 8:5 p.m.17 views

CVE-2022-36564

Incorrect access control in the install directory C:\Strawberry of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

9.1AI score0.00814EPSS
Exploits0References1
NVD
NVD
added 2021/12/06 9:15 p.m.9 views

CVE-2021-36564

ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\Adapter.php...

9.8CVSS0.01841EPSS
Exploits1References1
OSV
OSV
added 2021/12/06 9:15 p.m.17 views

CVE-2021-36564

ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\Adapter.php...

9.8CVSS7.3AI score
Exploits0References1
CVE
CVE
added 2021/12/06 8:22 p.m.84 views

CVE-2021-36564

CVE-2021-36564 : ThinkPHP v6.0.8 contains a deserialization vulnerability in the component vendor\league\flysystem-cached-adapter\src\Storage\Adapter.php. The issue, described across multiple sources, is a deserialization flaw in ThinkPHP’s framework leading to high-severity impact (NVD CVSS v3.1...

9.8CVSS9.5AI score0.01841EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder