CyberSecurityBoard
Sponsor Register Login

CVE-2025-0736

A flaw was found in Infinispan, when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by malicious actors.

This Cyber News was published on www.tenable.com. Publication date: Wed, 29 Jan 2025 04:56:02 +0000


Cyber News related to CVE-2025-0736

CVE-2005-0728 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0736. Reason: This candidate is a duplicate of CVE-2005-0736. Notes: All CVE users should reference CVE-2005-0736 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com
CVE-2025-0736 - A flaw was found in Infinispan, when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to ...
1 day ago Tenable.com
Microsoft releases first Windows Server 2025 preview build - Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which ...
1 year ago Bleepingcomputer.com
CVE-2010-0132 - Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to ...
6 years ago
CVE-2000-0736 - Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user forwards a message. ...
16 years ago
CVE-2002-0736 - Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not ...
16 years ago
CVE-2010-0736 - Cross-site scripting (XSS) vulnerability in the view_queryform function in lib/viewvc.py in ViewVC before 1.0.10, and 1.1.x before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via "user-provided input." ...
14 years ago
CVE-2011-0736 - ** DISPUTED ** Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id- query to a .cfm file. NOTE: the ...
13 years ago
CVE-2009-0736 - Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
12 years ago
CVE-2013-0736 - Multiple cross-site request forgery (CSRF) vulnerabilities in the Mingle Forum plugin 1.0.34 and possibly earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) modify user privileges or (2) ...
11 years ago
CVE-2014-0736 - Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) page in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of arbitrary ...
9 years ago
CVE-2003-0736 - Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and earlier allow remote attackers to execute arbitrary web script via (1) the day parameter in the calendar module, (2) the fatcat_id parameter in the fatcat module, (3) the ...
8 years ago
CVE-2015-0736 - Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728. ...
8 years ago
CVE-2004-0736 - The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message. ...
7 years ago
CVE-2007-0736 - Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap. ...
7 years ago
CVE-2012-0736 - IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly create scan jobs, which allows remote attackers to execute arbitrary code via a crafted web site. ...
7 years ago
CVE-2001-0736 - Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. ...
7 years ago
CVE-2005-0736 - Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events. ...
6 years ago
CVE-1999-0736 - The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. ...
6 years ago
CVE-2008-0736 - admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and possibly other 4.x and 3.x versions, allows remote attackers to obtain the path via a certain value of the FedExAccount parameter. ...
1 year ago
CVE-2017-0736 - A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38487564. ...
5 years ago
CVE-2006-0736 - Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors. ...
4 years ago
CVE-2019-0736 - A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. ...
4 years ago
CVE-2016-0736 - In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated ...
3 years ago
CVE-2020-0736 - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. ...
3 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)