MAL-2025-36783 Malicious code in theia-for-cloud-shell (npm)

The package theia-for-cloud-shell was found to contain malicious code...

CVE-2024-36783

TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a command injection via the hosttime parameter in the NTPSyncWithHost function...

CVE-2024-36783

TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a command injection via the hosttime parameter in the NTPSyncWithHost function...

CVE-2024-36783

The TOTOLINK LR350 router (firmware V9.3.5u.6369_B20220309) contains a command injection vulnerability in NTPSyncWithHost caused by missing input validation on the host_time parameter. This allows a remote attacker to execute arbitrary commands via network access with high impact. Remediation gui...

CVE-2024-36783

TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a command injection via the hosttime parameter in the NTPSyncWithHost function...

CVE-2020-36783

creationtimestamp| type| source ---|---|--- 2024-02-29 11:11:36+00:00| seen| https://t.me/ctinow/196503...

CVE-2020-36783

In the Linux kernel, the following vulnerability has been resolved: i2c: img-scb: fix reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented on return in functions imgi2cxfer and imgi2cinit. However, pmruntimegetsync will increment the PM reference cou...

CVE-2020-36783

In the Linux kernel, the following vulnerability has been resolved: i2c: img-scb: fix reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented on return in functions imgi2cxfer and imgi2cinit. However, pmruntimegetsync will increment the PM reference cou...

CVE-2020-36783 i2c: img-scb: fix reference leak when pm_runtime_get_sync fails

In the Linux kernel, the following vulnerability has been resolved: i2c: img-scb: fix reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented on return in functions imgi2cxfer and imgi2cinit. However, pmruntimegetsync will increment the PM reference cou...

CVE-2020-36783

CVE-2020-36783 is a Linux kernel I2C (img-scb) reference-count leak issue: pm_runtime_get_sync increments the PM reference count even on failure in img_i2c_xfer and img_i2c_init, leading to leaks. The fix replaces that return path with pm_runtime_resume_and_get to keep the usage counter balanced....

CVE-2022-36783 AlgoSec – FireFlow Reflected Cross-Site-Scripting (RXSS)

AlgoSec – FireFlow Reflected Cross-Site-Scripting RXSS A malicious user injects JavaScript code into a parameter called IntersectudRule on the search/result.html page. The malicious user changes the request from POST to GET and sends the URL to another user victim. JavaScript code is executed on...

CVE-2022-36783

CVE-2022-36783 affects AlgoSec FireFlow with a Reflected Cross-Site-Scripting (RXSS) vector. A malicious user can inject JavaScript into the IntersectudRule parameter on the search/result.html page by changing the request method from POST to GET and sharing the URL with a victim. This results in ...

CVE-2021-36783

CVE-2021-36783 (Rancher info-disclosure) affects SUSE Rancher where credentials, passwords and API tokens stored in cleartext are exposed via API endpoints to authenticated users (Cluster Owners/Members, Project Owners/Members). Affected: Rancher versions before 2.6.4 (and 2.5.x before 2.5.13). R...

CVE-2021-36783 Rancher: Failure to properly sanitize credentials in cluster template answers

A Insufficiently Protected Credentials vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners and Project Members to read credentials, passwords and API tokens that have been stored in cleartext and exposed via API endpoints. This issue affects: SUSE...