56 matches found
Chromium: CVE-2026-13936 Inappropriate implementation in Passwords
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-13936 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-13936 vulnerabilities
Vulnerabilities for packages: chromium...
EUVD-2026-41448
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Tigerpaw Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13936. This issue affects Fireware O...
CVE-2026-13936
creationtimestamp| type| source ---|---|--- 2026-07-01 21:09:19+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmghgqlnq2d 2026-07-02 07:46:31+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702...
Linux Distros Unpatched Vulnerability : CVE-2026-13936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Passwords in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive informati...
RHSA-2026:13936 Red Hat Security Advisory: kernel security update
Bulletin has no description...
Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Apache Velocity
Summary A vulnerability has been identified in Apache Velocity library, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2020-13936 DESCRIPTION: An attacker that is able to modify Velocity templates may execute arbitrary Java code or run...
CVE-2025-13936
creationtimestamp| type| source ---|---|--- 2025-12-04 22:08:05+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115663574444372667 2025-12-04 22:35:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m76ztc2siv2u...
Oracle WebLogic Server (April 2025 CPU)
The 12.2.1.4.0 and 14.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by a vulnerability as referenced in the April 2025 CPU advisory. - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Centralized Thirdparty Jars Apache...
SUSE: Security Advisory (SUSE-SU-2025:0719-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : velocity (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - velocity: arbitrary code execution when attacker is able to modify templates CVE-2020-13936 Note that Nessus has no...
CVE-2019-13936
creationtimestamp| type| source ---|---|--- 2024-02-28 18:46:24+00:00| seen| https://t.me/ctinow/195752...
CVE-2017-13936
Rejected reason: This candidate is unused by its CNA...
Security Bulletin: Vulnerability found in velocity-1.7.jar which is shipped with IBM® Intelligent Operations Center [CVE-2020-13936]
Summary Vulnerability have been identified in velocity-1.7.jar which is shipped with IBM® Intelligent Operations Center. Information about this vulnerability affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. CVE-2020-13936 Vulnerability Details...
Security Bulletin: IBM Match 360 is affected due to a denial of service due to vulnerability in Apache Velocity Engine [CVE-2020-13936]
Summary An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Velocity Engine vulnerability (USN-6281-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6281-1 advisory. Alvaro Munoz discovered that Velocity Engine incorrectly handled certain inputs. If a user or an automated system were tricked into openin...
Oracle Primavera Unifier (Oct 2022 CPU)
The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Document Management Apache Solr. Supported...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : snakeyaml (SUSE-SU-2022:3397-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3397-1 advisory. - CVE-2022-38750: Fixed uncaught exception in...
SUSE: Security Advisory (SUSE-SU-2022:3397-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...