13 matches found
MAL-2025-36635 Malicious code in test-mlw2-wimpy-fiscs (npm)
The package test-mlw2-wimpy-fiscs was found to contain malicious code...
CVE-2023-36635
An improper access control in Fortinet FortiSwitchManager version 7.2.0 through 7.2.2, 7.0.0 through 7.0.1 may allow a remote authenticated read-only user to modify the interface settings via the API...
CVE-2022-36635
ZKteco ZKBioSecurity V5000 4.1.3 was discovered to contain a SQL injection vulnerability via the component /baseOpLog.do...
CVE-2020-36635
A vulnerability was found in OpenMRS Appointment Scheduling Module up to 1.12.x. It has been classified as problematic. This affects the function validateFieldName of the file api/src/main/java/org/openmrs/module/appointmentscheduling/validator/AppointmentTypeValidator.java. The manipulation lead...
CVE-2020-36635
creationtimestamp | type | source
---|---|---
2025-04-11 14:51:09+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/11435...
CVE-2023-36635
creationtimestamp | type | source
---|---|---
2023-09-07 16:18:54+00:00 | seen | https://t.me/cibsecurity/70068...
CVE-2023-36635
An improper access control in Fortinet FortiSwitchManager version 7.2.0 through 7.2.2, 7.0.0 through 7.0.1 may allow a remote authenticated read-only user to modify the interface settings via the API...
CVE-2023-36635
CVE-2023-36635 concerns Fortinet FortiSwitchManager. Affected: FortiSwitchManager versions 7.2.0–7.2.2 and 7.0.0–7.0.1. Root cause: improper access control allowing a remote authenticated read-only user to modify interface settings via the API. Impact: ability to alter interface configurations (a...
CVE-2020-36635
CVE-2020-36635 affects OpenMRS Appointment Scheduling Module up to version 1.12.x. The vulnerability is in the validateFieldName function of AppointmentTypeValidator.java, where input manipulation can lead to cross-site scripting and can be triggered remotely. A patch is available: upgrading to O...
CVE-2022-36635
creationtimestamp | type | source
---|---|---
2022-10-08 02:17:40+00:00 | seen | https://t.me/cibsecurity/51049...
CVE-2022-36635
ZKteco ZKBioSecurity V5000 4.1.3 was discovered to contain a SQL injection vulnerability via the component /baseOpLog.do...
CVE-2022-36635
CVE-2022-36635 affects ZKTeco ZKBioSecurity V5000 (version 4.1.3) with a SQL injection in the /baseOpLog.do component. The root cause is a lack of input validation for external SQL statements, enabling attackers to obtain sensitive DB information. The CVSSv3.1 metrics indicate Network access, Low...
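Linux Kernel 'net/ax25/af_ax25.c' Local Denial of Service Vulnerability
Bugtraq ID: 36635 Linux is an open-source operating system. Linux does not correctly validate the sign of a user-supplied value, and a local attacker can exploit the vulnerability to crash the kernel. The ax25 code attempts to use: if (optlen < sizeof(int)) return -EINVAL; as a safety check on whether the optlen passed when setting a socket option is negative (or zero). Unfortunately, "sizeof(int)" is an unsigned quantity, so the whole comparison is performed as unsigned, which lets negative values bypass the check. Linux kernel 2.6.31 -rc7 Linux kernel 2.6.31 -rc6 Linux kernel 2.6.31 -rc3 + Trustix Secu...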