115 matches found
EUVD-2026-1436
Plesk Obsidian versions 8.0.1 through 18.0.73 are vulnerable to a Denial of Service (DoS) condition. The vulnerability exists in the getpassword.php endpoint, where a crafted request containing a malicious payload can cause the affected web interface to continuously reload, rendering the service...
CVE-2019-1436
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1440...
CVE-2025-1436
The Limit Bio WordPress plugin through 1.0 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2025-1436
creationtimestamp | type | source
---|---|---
2025-03-13 08:55:37+00:00 | seen | https://t.me/cvedetector/20189
...
CVE-2025-1436
CVE-2025-1436 refers to the Limit Bio WordPress plugin (
Linux Distros Unpatched Vulnerability : CVE-2023-1436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads...
Security Bulletin: IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436
Summary IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-32731 DESCRIPTION: gRPC...
Security Bulletin: Vulnerability in Jettison affects IBM watsonx.data
Summary Jettison is vulnerable to a denial of service, caused by an infinite recursion when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. A remote attacker could exploit this vulnerability to cause a denial of service. This can affect...
RHEL 9 : log4j (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apache-commons-net: FTP client trusts the host from PASV response by default CVE-2021-37533 - Those using...
Rocky Linux 9 : postgresql-jdbc (RLSA-2024:1436)
The remote Rocky Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:1436 advisory. - pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is n...
Oracle Linux 9 : postgresql-jdbc (ELSA-2024-1436)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1436 advisory. 42.2.28-1 - rebase to 42.2.28 - fix for CVE-2024-1597 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...
CVE-2024-1436
creationtimestamp | type | source
---|---|---
2024-02-26 17:42:22+00:00 | seen | https://t.me/ctinow/193544
2024-03-14 09:51:10+00:00 | seen | https://t.me/ctinow/207575
...
CVE-2024-1436
CVE-2024-1436 affects the WordPress plugin set “WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit,” exposing sensitive data to unauthorized actors via unauthenticated access. The vulnerability impacts versions up to 1.0.9 (no fixed version listed in the provided data). Connected RH/Wordfen...
CVE-2024-1436 WordPress WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit Plugin <= 1.0.9 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wiloke WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit. This issue affects WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit: from n/a through 1.0.9...
WordPress WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit Plugin <= 1.0.9 is vulnerable to Sensitive Data Exposure
Software: WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit
Type: Plugin
Vulnerable versions: = 1.0.9
Fixed in: N/A
OWASP Top 10: A1: Broken Access Control
Classification: Sensitive Data Exposure
CVE: CVE-2024-1436
Patch priority: Low
CVSS severity: Low 5.3
Developer: Claim ownership
PSID: 8b17a4bc28...
CVE-2019-1436
creationtimestamp | type | source
---|---|---
2024-02-13 07:56:15+00:00 | seen | https://t.me/ctinow/183641
...
CVE-2023-1436
creationtimestamp | type | source
---|---|---
2024-02-08 09:11:54+00:00 | seen | https://t.me/ctinow/181234
2024-02-08 09:41:24+00:00 | seen | https://t.me/ctinow/181244
2024-02-08 09:41:25+00:00 | seen | https://t.me/ctinow/181245
2024-02-08 09:41:26+00:00 | seen | https://t.me/ctinow/181246
2024-02-08...
OESA-2023-1968 jettison security update
Jettison is a collection of Java APIs like STaX and DOM which read and write JSON. This allows nearly transparent enablement of JSON based web services in services frameworks like CXF or XML serialization frameworks like XStream. Security Fixes: An infinite recursion is triggered in Jettison when...
Security Bulletin: IBM Sterling B2B Integrator EBICs client affected by multiple issues due to Jettison
Summary IBM Sterling B2B Integrator uses Jettison in its EBICs client. Vulnerability Details CVEID:CVE-2023-1436 DESCRIPTION: Jettison is vulnerable to a denial of service, caused by an infinite recursion when constructing a JSONArray from a Collection that contains a self-reference in one of its...