CVE-2009-0236

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none...

Security Bulletin: IBM Storage Insights is vulnerable to weakness related to Apache Commons Lang

Summary Vulnerabilities in Apache Commons Lang may affect IBM Storage Insights which could allow uncontrolled recursion. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

CVE-2023-0236

The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the resetkey and userid parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2020-0236

In A2DPGetCodecType of a2dpcodecconfig, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android, Versions: Android-10...

CVE-2023-0236

creationtimestamp| type| source ---|---|--- 2025-03-25 18:25:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8725...

CVE-1999-0236 vulnerabilities

Vulnerabilities for packages: apache2...

Linux Distros Unpatched Vulnerability : CVE-2015-0236

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIRDOMAINXMLSECURE flag with a crafted 1 snapshot to the...

CVE-2025-0236

creationtimestamp| type| source ---|---|--- 2025-02-26 02:23:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5425...

CVE-2025-0236

Out-of-bounds vulnerability in slope processing during curve rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver...

CVE-2025-0236

CVE-2025-0236 concerns an out-of-bounds vulnerability in slope processing during curve rendering in Canon Generic PCL6 V4 Printer Driver, Generic UFR II V4 Printer Driver, and Generic LIPSLX V4 Printer Driver. The issue is described across multiple sources as affecting slope handling during curve...

CVE-2025-0236

Out-of-bounds vulnerability in slope processing during curve rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver...

CVE-2024-0236

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...

CVE-2024-0236 EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...

CVE-2024-0236

CVE-2024-0236 affects the WordPress EventON plugin, with unauthenticated access in an AJAX action that allows retrieval of arbitrary virtual-event settings, including meeting passwords (e.g., Zoom). Technical details across connected documents show vulnerable versions: EventON prior to 4.5.5 and ...

CVE-2011-0236

Rejected reason: This candidate is unused by its CNA...

K40306410: PHP vulnerability CVE-2014-0236

Security Advisory Description file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a zero rootstorage value in a CDF file, related to cdf.c and readcdf.c. CVE-2014-0236 Impa...

SUSE CVE-2005-0236

The International Domain Name IDN support in Omniweb 5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks...

CVE-2023-0236 Tutor LMS < 2.0.10 - Reflected Cross-Site Scripting

The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the resetkey and userid parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-0236 Tutor LMS < 2.0.10 - Reflected Cross-Site Scripting

The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the resetkey and userid parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-0236

CVE-2023-0236 corresponds to a reflected XSS in the WordPress Tutor LMS plugin prior to 2.0.10. The vulnerability stems from failure to sanitize and escape reset_key and user_id when echoing them back in attributes, enabling an attacker to inject scripts into the browser of an authenticated user ...