389 matches found
RHCOS 4 : OpenShift Container Platform 4.7.49 (RHSA-2022:1336)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1336 advisory. - haproxy: Denial of service via set-cookie2 header CVE-2022-0711 Note that Nessus has not tested for this issue but has instead relied only ...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2026-1336)
The remote host is missing an update for the Huawei EulerOS...
CVE-2026-1336
creationtimestamp | type | source
---|---|---
2026-03-02 23:48:50+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mg4gxbn6yv2v...
RHEL 7 : resource-agents (RHSA-2026:1336)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1336 advisory. The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several service...
MiracleLinux 7 : tomcat-7.0.76-8.el7 (AXSA:2018-3358:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3358:03 advisory. tomcat: A bug in the UTF-8 decoder can lead to DoS CVE-2018-1336 Tenable has extracted the preceding description block directly from the MiracleLinux securit...
EUVD-2026-1336
The Premmerce WooCommerce Customers Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'moneyspentfrom', 'moneyspentto', 'registeredfrom', and 'registeredto' parameters in all versions up to, and including, 1.1.14 due to insufficient input sanitization and output...
EUVD-2019-1336
Malware in sbrugna...
CVE-2022-1336
The Carousel CK WordPress plugin through 1.1.0 does not sanitize and escape Slide's descriptions, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed...
CVE-2019-1336
An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1323...
Linux Distros Unpatched Vulnerability : CVE-2014-1336
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service memory...
CVE-2025-1336
A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this vulnerability is the function deleteimg_action in the library lib/admin/image_admin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched remotely. The explo...
CVE-2025-1336
creationtimestamp | type | source
---|---|---
2025-02-16 09:03:53+00:00 | seen | https://infosec.exchange/users/cve/statuses/114012758525808669
2025-02-16 09:15:19+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3libvge6hnm2p
2025-02-16 10:12:54+00:00 | ...
CVE-2025-1336
CmsEasy 7.7.7.9 is affected by a path traversal vulnerability in deleteimg_action (lib/admin/image_admin.php) caused by unsafely handling the imgname parameter. A remote attacker could exploit this, and public exploits have been disclosed. Multiple sources confirm remote access and public disclos...
CVE-2025-1336 CmsEasy image_admin.php deleteimg_action path traversal
A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this vulnerability is the function deleteimg_action in the library lib/admin/image_admin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched remotely. The explo...
Apache Tomcat 8.5.0 < 8.5.31
The version of Tomcat installed on the remote host is prior to 8.5.31. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.5.31security-8 advisory. - An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop...
PT-2024-25715 · Jenkins · Jenkins Script Security Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1335.vf07d9ce377a e and earlier Description: A sandbox bypass issue allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execut...
CVE-2023-47542
A improper neutralization of special elements used in a template engine CWE-1336 in FortiManager versions 7.4.1 and below, versions 7.2.4 and below, and 7.0.10 and below allows attacker to execute unauthorized code or commands via specially crafted templates...
CVE-2023-47542
CVE-2023-47542 : Fortinet FortiManager suffers from improper neutralization of special elements used in a template engine (CWE-1336). Affects FortiManager versions 7.4.1 and below, 7.2.4 and below, and 7.0.10 and below. The issue could enable a local attacker to execute unauthorized code or comma...