11 matches found

NVD
added last week, 6 views

CVE-2026-44736

OpenProject is open-source, web-based project management software. Prior to 17.4.0, the GET /api/v3/relations endpoint allows any authenticated user to retrieve relations — and the subject title of work packages they have no permission to view — by supplying an arbitrary work package ID in the...

CVSS: 6.5, EPSS: 0.00286
Exploits: 0, References: 1
EUVD
added 2025/11/10 5:21 p.m., 2 views

EUVD-2025-44736

Malicious code in vera-ketan9-sukiwir npm...

AI score: 6.6
Exploits: 0
Tenable Nessus
added 2025/11/05 12:0 a.m., 2 views

Lexmark Printers Improper Authentication (CVE-2021-44736)

The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the out of service erase feature. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

CVSS: 10, AI score: 8.3, EPSS: 0.02432
Exploits: 0, References: 5
Circl
added 2022/11/18 2:17 a.m., 7 views

CVE-2022-44736

creationtimestamp | type | source
---|---|---
2022-11-18 02:17:58+00:00 | seen | https://t.me/cibsecurity/53117...

CVSS: 4.8, AI score: 4.9, EPSS: 0.00392
Exploits: 0, References: 1
NVD
added 2022/11/17 11:15 p.m., 24 views

CVE-2022-44736

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Chameleon plugin <= 1.4.3 on WordPress...

CVSS: 4.8, EPSS: 0.00392
Exploits: 0, References: 1
CVE
added 2022/11/17 10:16 p.m., 64 views

CVE-2022-44736

The CVE-2022-44736 entry describes a stored XSS vulnerability in the WordPress Chameleon plugin, affecting versions 1.4.3 and earlier. The root cause is improper sanitisation/escaping of settings, enabling authenticated (admin+) users to inject script into stored fields. Impact is limited to admi...

CVSS: 4.8, AI score: 4.8, EPSS: 0.00392
Exploits: 0, References: 1, Affected Software: 1
Circl
added 2022/01/20 8:11 p.m., 5 views

CVE-2021-44736

creationtimestamp | type | source
---|---|---
2022-01-20 20:11:59+00:00 | seen | https://t.me/cibsecurity/35939
2023-07-24 10:59:01+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/8723
2023-07-27 07:27:15+00:00 | published-proof-of-concept | https://t.me/dilagrafie/3128...

CVSS: 10, AI score: 7.3, EPSS: 0.02432
Exploits: 0, References: 4
NVD
added 2022/01/20 5:15 p.m., 18 views

CVE-2021-44736

The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the “out of service erase” feature...

CVSS: 10, EPSS: 0.02432
Exploits: 0, References: 2
Cvelist
added 2022/01/20 4:9 p.m., 24 views

CVE-2021-44736

The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the “out of service erase” feature...

AI score: 9.8, EPSS: 0.02432
Exploits: 0, References: 2
CVE
added 2022/01/20 4:9 p.m., 61 views

CVE-2021-44736

Lexmark devices are affected by CVE-2021-44736: the initial admin account setup wizard permits unauthenticated access to the out of service erase feature, enabling unauthenticated control over a device function. The issue is documented in multiple sources (ZDI advisory ZDI-22-331; Tenable OT plug...

CVSS: 10, AI score: 9.4, EPSS: 0.02432
Exploits: 0, References: 2, Affected Software: 1
CNVD
added 2019/12/05 12:0 a.m., 4 views

OpenBSD has an unspecified vulnerability (CNVD-2019-44736)

OpenBSD is a cross-platform, BSD-based UNIX-like operating system from the Canadian OpenBSD project team. A security vulnerability exists in libc in OpenBSD version 6.6. An attacker can exploit this vulnerability to bypass authentication with the help of the -schallenge user...

CVSS: 9.8, AI score: 7, EPSS: 0.02736
Exploits: 2, References: 1