MiracleLinux 7 : httpd24-httpd-2.4.25-9.el7 (AXSA:2017-1638:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1638:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2016-0736 RESERVED This...

MiracleLinux 7 : httpd-2.4.6-45.4.0.1.el7.AXS7 (AXSA:2017-1628:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1628:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2016-0736 RESERVED This...

CVE-2022-0736

Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1...

CVE-1999-0736

The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files...

CVE-2020-0736

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'...

CVE-2009-0736

Cross-site scripting XSS vulnerability in Pebble before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Important: Red Hat Security Advisory: Red Hat Data Grid 8.5.3 security update

An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

CVE-2025-0736 Org.infinispan-infinispan-parent: exposure of sensitive information in application logs

A flaw was found in Infinispan, when using JGroups with JDBCPING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by maliciou...

CVE-2025-0736

CVE-2025-0736 concerns Infinispan when used with JGroups/JDBC_PING, where sensitive information (e.g., configuration data or credentials) can be exposed through logging. This logging exposure can enable unauthorized access. Affected product/impact: Infinispan (org.infinispan-infinispan-parent) wi...

CVE-2025-0736

A flaw was found in Infinispan, when using JGroups with JDBCPING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by maliciou...

CVE-2011-0736

creationtimestamp| type| source ---|---|--- 2025-01-21 18:00:48+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2436...

CVE-2024-0736 EFS Easy File Sharing FTP Login denial of service

A vulnerability classified as problematic has been found in EFS Easy File Sharing FTP 3.6. This affects an unknown part of the component Login. The manipulation of the argument password leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to t...

CVE-2024-0736

CVE-2024-0736 affects EFS Easy File Sharing FTP 3.6, specifically the Login component. The vulnerability arises from manipulating the password argument, causing denial of service. It can be exploited remotely and the exploit has been disclosed publicly. PT Security guidance notes no known fix and...

CVE-2024-0736 EFS Easy File Sharing FTP Login denial of service

A vulnerability classified as problematic has been found in EFS Easy File Sharing FTP 3.6. This affects an unknown part of the component Login. The manipulation of the argument password leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to t...

SUSE: Security Advisory (SUSE-SU-2023:0736-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : python3 (SUSE-SU-2023:0736-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0736-1 advisory. - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that...

K53437580: Apache vulnerabilities CVE-2016-0736 and CVE-2016-2161

Security Advisory Description CVE-2016-0736 In Apache HTTP Server versions 2.4.0 to 2.4.23, modsessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation AES256-CBC by default, hence no selectable or builtin authenticated encryptio...

SUSE CVE-2016-0736

In Apache HTTP Server versions 2.4.0 to 2.4.23, modsessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation AES256-CBC by default, hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle...

CVE-2023-0736

creationtimestamp| type| source ---|---|--- 2023-02-08 02:23:38+00:00| seen| https://t.me/cibsecurity/57736...

CVE-2023-0736 Cross-site Scripting (XSS) - Stored in wallabag/wallabag

Cross-site Scripting XSS - Stored in GitHub repository wallabag/wallabag prior to 2.5.4...