MAL-2025-37191 Malicious code in trezor-link-chrome-extension (npm)

The package trezor-link-chrome-extension was found to contain malicious code...

CVE-2023-37191

CVE-2023-37191 is a stored cross-site scripting (XSS) in Issabel issabel-pbx v4.0.0-6. The vulnerability allows an attacker to inject arbitrary web scripts or HTML via payloads into the Group and Description fields, leading to execution in the victim’s browser. Connected documents confirm the aff...

CVE-2023-37191

A stored cross-site scripting XSS vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Group and Description parameters...

CVE-2022-37191

creationtimestamp| type| source ---|---|--- 2022-09-14 02:25:50+00:00| seen| https://t.me/cibsecurity/49746...

CVE-2022-37191

The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using function parameter value as LFI payload...

CVE-2022-37191

CVE-2022-37191 affects CuppaCMS v1.0. The vulnerability is an authenticated Local File Inclusion in the cuppa/api/index.php component triggered by crafting a POST request whose function parameter is used as LFI payload, enabling an attacker with valid credentials to read system files. The Nuclei ...

CVE-2021-37191

creationtimestamp| type| source ---|---|--- 2021-09-14 14:20:52+00:00| seen| https://t.me/cibsecurity/28774...

CVE-2021-37191

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. An unauthenticated attacker in the same network of the affected system could brute force the usernames from the affected software...

CVE-2021-37191

CVE-2021-37191 affects Siemens SINEMA Remote Connect Server: all versions prior to 3.0 SP2 are vulnerable to an unauthenticated attacker on the same network brute-forcing usernames. The Red Hat and CNVD/Wikipedia entries corroborate the impact as an in-network username enumeration risk; ICSA note...

CVE-2021-37191

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. An unauthenticated attacker in the same network of the affected system could brute force the usernames from the affected software...

CVE-2012-2913

creationtimestamp| type| source ---|---|--- 2012-05-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37191 2012-05-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37192...