Lucene search
K

12 matches found

OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-36750 Malicious code in testzerocool (npm)

The package testzerocool was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:35 p.m.4 views

CVE-2021-36750

ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users across USB drives sold under multiple brand names...

8.1CVSS7.1AI score0.13526EPSS
Exploits0References1
CVE
CVE
added 2023/07/12 3:2 a.m.45 views

CVE-2020-36750

The CVE-2020-36750 entry concerns the WordPress EWWW Image Optimizer plugin. Affected component: ewww_ngg_bulk_init() function in versions up to and including 5.8.1. Root cause: insufficient nonce validation leads to a Cross-Site Request Forgery (CSRF). Impact: unauthenticated attackers could tri...

4.3CVSS4.2AI score0.00342EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2023/07/12 3:2 a.m.24 views

CVE-2020-36750 EWWW Image Optimizer <= 5.8.1 - Cross-Site Request Forgery Bypass

The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.1. This is due to missing or incorrect nonce validation on the ewwwnggbulkinit function. This makes it possible for unauthenticated attackers to perform bulk image...

4.3CVSS4.3AI score0.00342EPSS
Exploits0References9
OSV
OSV
added 2023/07/11 10:15 a.m.6 views

CVE-2023-36750

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...

7.2CVSS7.6AI score0.01294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/11 9:7 a.m.8 views

CVE-2023-36750

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...

9.1CVSS7.8AI score0.01294EPSS
Exploits0References1
CVE
CVE
added 2023/07/11 9:7 a.m.54 views

CVE-2023-36750

Siemens RUGGEDCOM ROX family (MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, RX5000) are affected by CVE-2023-36750. The issue is a command injection in the web interface via the software-upgrade URL parameter caused by missing server-side input sanitation. An a...

9.1CVSS7AI score0.01294EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2022/08/11 12:26 a.m.6 views

CVE-2022-36750

creationtimestamp| type| source ---|---|--- 2022-08-11 00:26:34+00:00| seen| https://t.me/cibsecurity/47902...

9.8CVSS8.7AI score0.00821EPSS
Exploits1References1
CVE
CVE
added 2022/08/10 4:29 p.m.77 views

CVE-2022-36750

CVE-2022-36750 : Clinic’s Patient Management System v1.0 is vulnerable to SQL injection through /pms/update_user.php?id=. The CVSS 3.1 base score is 9.8 (CRITICAL) with network attack vector, low complexity, and no privileges required. Affected component is the update_user endpoint handling the i...

9.8CVSS9.7AI score0.00821EPSS
Exploits1References1Affected Software1
Circl
Circl
added 2021/12/22 4:18 p.m.4 views

CVE-2021-36750

creationtimestamp| type| source ---|---|--- 2021-12-22 16:18:20+00:00| seen| https://t.me/cibsecurity/34494...

8.1CVSS7.9AI score0.13526EPSS
Exploits0References1
NVD
NVD
added 2021/12/22 2:15 p.m.30 views

CVE-2021-36750

ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users across USB drives sold under multiple brand names...

8.1CVSS0.13526EPSS
Exploits0References4
CVE
CVE
added 2021/12/22 1:40 p.m.51 views

CVE-2021-36750

Summary: CVE-2021-36750 affects ENC DataVault prior to 7.2 and VaultAPI v67, where a faulty key derivation process is reported. The described vulnerability enables attackers to determine the passwords of all DataVault users across USB drives branded by multiple vendors. The root cause is describe...

8.1CVSS8AI score0.13526EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder