MiracleLinux 4 : xorg-x11-server-1.17.4-18.0.2.AXS4 (AXSA:2021-1136:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1136:01 advisory. xorg-x11-server: Out-of-bounds access in XkbSetMap function CVE-2020-14360 xorg-x11-server: XkbSetDeviceInfo heap-based buffer overflow privilege...

MiracleLinux 7 : gimp-2.8.16-3.el7, gimp-help-2.8.2-1.el7 (AXSA:2016-1136:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-1136:01 advisory. gimp GIMP GNU Image Manipulation Program is a powerful image composition and editing program, which can be extremely useful for creating logos and other...

CVE-2025-14422

creationtimestamp| type| source ---|---|--- 2025-12-17 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1136/ 2026-01-05 15:42:32+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mbornzhm7k2c...

CVE-2024-1136

The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to an improperly implemented URL check in the wpsmcomingsoonredirect function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to view a...

CVE-2020-1136

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1028, CVE-2020-1126, CVE-2020-1150...

CVE-2019-1136

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'...

CVE-2024-1136

creationtimestamp| type| source ---|---|--- 2024-03-14 20:32:12+00:00| seen| https://t.me/ctinow/208124 2025-04-22 16:03:32+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12889...

CVE-2024-1136

CVE-2024-1136 pertains to the WordPress plugin Coming Soon Page & Maintenance Mode, where an improperly implemented URL check in wpsm_coming_soon_redirect in all versions up to 2.2.1 allows unauthenticated attackers to view content when maintenance/coming-soon mode is enabled. The vulnerability i...

CVE-2024-1136 Coming Soon Page & Maintenance Mode <= 2.2.1 - Maintenance Mode Bypass

The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to an improperly implemented URL check in the wpsmcomingsoonredirect function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to view a...

WordPress Coming Soon Page & Maintenance Mode Plugin <= 2.2.1 is vulnerable to Bypass Vulnerability

Software Coming Soon Page & Maintenance Mode Type Plugin Vulnerable versions = 2.2.1 Fixed in 2.2.2 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-1136 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 3a68dbfd3e93 Credits Lucio Sá Required...

CVE-2023-1136

creationtimestamp| type| source ---|---|--- 2023-03-27 18:20:09+00:00| seen| https://t.me/cibsecurity/60786 2025-01-16 21:56:38+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2065...

CVE-2023-1136

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an unauthenticated attacker could generate a valid token, which would lead to authentication bypass...

CVE-2023-1136

Delta Electronics InfraSuite Device Master before version 1.0.5 contains an improper authentication vulnerability (CWE-287) that could allow an unauthenticated attacker to obtain a valid token and bypass authentication. Multiple connected sources confirm the affected product and version range, wi...

CVE-2023-1136 CVE-2023-1136

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an unauthenticated attacker could generate a valid token, which would lead to authentication bypass...

CVE-2023-1136 CVE-2023-1136

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an unauthenticated attacker could generate a valid token, which would lead to authentication bypass...

SUSE CVE-2012-1136

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap write operation and memory corruption or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODI...

CVE-2022-1136

creationtimestamp| type| source ---|---|--- 2022-07-23 07:24:25+00:00| seen| https://t.me/cibsecurity/46865...

CVE-2022-1136

CVE-2022-1136 affects Google Chrome/Chromium: Use-after-free in the Tab Strip can lead to heap corruption when a user is convinced to install a malicious extension. Affected versions are before 100.0.4896.60; the Chrome 100 stable release fixed 28 security issues including this CVE. Exploitation ...

CVE-2022-1136

Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific set of user gestures...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:0112-1 Rating: important References: 1194511 1194512 1194513 1194514 1197680 1198053 1198361 Cross-References: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-1125 CVE-2022-1127 CVE-2022-1128...