11 matches found
CVE-2026-44736
OpenProject is open-source, web-based project management software. Prior to 17.4.0, the GET /api/v3/relations endpoint allows any authenticated user to retrieve relations — and the subject title of work packages they have no permission to view — by supplying an arbitrary work package ID in the...
EUVD-2025-44736
Malicious code in vera-ketan9-sukiwir npm...
Lexmark Printers Improper Authentication (CVE-2021-44736)
The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the out of service erase feature. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. ...
CVE-2022-44736
creationtimestamp | type | source
---|---|---
2022-11-18 02:17:58+00:00 | seen | https://t.me/cibsecurity/53117
...
CVE-2022-44736
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Chameleon plugin <= 1.4.3 on WordPress...
CVE-2022-44736
The CVE-2022-44736 entry describes a stored XSS vulnerability in the WordPress Chameleon plugin, affecting versions 1.4.3 and earlier. The root cause is improper sanitisation/escaping of settings, enabling authenticated (admin+) users to inject script into stored fields. Impact is limited to admi...
CVE-2021-44736
creationtimestamp | type | source
---|---|---
2022-01-20 20:11:59+00:00 | seen | https://t.me/cibsecurity/35939
2023-07-24 10:59:01+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/8723
2023-07-27 07:27:15+00:00 | published-proof-of-concept | https://t.me/dilagrafie/3128
...
CVE-2021-44736
The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the “out of service erase” feature...
CVE-2021-44736
The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the “out of service erase” feature...
CVE-2021-44736
Lexmark devices are affected by CVE-2021-44736: the initial admin account setup wizard permits unauthenticated access to the out of service erase feature, enabling unauthenticated control over a device function. The issue is documented in multiple sources (ZDI advisory ZDI-22-331; Tenable OT plug...
OpenBSD has an unspecified vulnerability (CNVD-2019-44736)
OpenBSD is a cross-platform, BSD-based UNIX-like operating system from the Canadian OpenBSD project team. A security vulnerability exists in libc in OpenBSD version 6.6. An attacker can exploit this vulnerability to bypass authentication with the help of the -schallenge user...