17 matches found
CVE-2025-36564
Dell Encryption Admin Utilities versions prior to 11.10.2 contain an Improper Link Resolution vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation...
CVE-2020-36564
Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...
CVE-2023-36564
creationtimestamp| type| source ---|---|--- 2023-10-10 22:16:59+00:00| seen| https://t.me/cibsecurity/71999...
CVE-2023-36564
Windows Search Security Feature Bypass Vulnerability...
CVE-2023-36564
Technical details about CVE-2023-36564 are not publicly available in the provided documents. Monitor official advisories for updates on affected products, impact, and available fixes.
CVE-2020-36564
creationtimestamp| type| source ---|---|--- 2022-12-28 00:11:52+00:00| seen| https://t.me/cibsecurity/55445 2025-04-11 16:51:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11467...
CVE-2020-36564 Improper input validation in github.com/justinas/nosurf
Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...
CVE-2020-36564
CVE-2020-36564 affects the Go package github.com/justinas/nosurf. The issue arises from improper validation of caller input: if the provided expected token is malformed, validation is silently disabled, causing any user-supplied token to be treated as valid. This undermines CSRF protection by eff...
CVE-2020-36564 Improper input validation in github.com/justinas/nosurf
Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...
CVE-2022-36564
creationtimestamp| type| source ---|---|--- 2022-08-31 00:36:13+00:00| seen| https://t.me/cibsecurity/49080...
CVE-2022-36564
Incorrect access control in the install directory C:\Strawberry of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...
CVE-2022-36564
Incorrect access control in the install directory C:\Strawberry of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...
CVE-2022-36564
StrawberryPerl v5.32.1.1 and earlier are affected by CVE-2022-36564 due to improper access control in the install directory (C:\Strawberry). An authenticated attacker can exploit this by overwriting binaries in the directory to execute arbitrary code. Affected component: installation directory ac...
CVE-2022-36564
Incorrect access control in the install directory C:\Strawberry of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...
CVE-2021-36564
ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\Adapter.php...
CVE-2021-36564
ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\Adapter.php...
CVE-2021-36564
CVE-2021-36564 : ThinkPHP v6.0.8 contains a deserialization vulnerability in the component vendor\league\flysystem-cached-adapter\src\Storage\Adapter.php. The issue, described across multiple sources, is a deserialization flaw in ThinkPHP’s framework leading to high-severity impact (NVD CVSS v3.1...