120 matches found
CVE-2026-1162
creationtimestamp| type| source ---|---|--- 2026-01-18 21:00:05+00:00| seen| https://infosec.exchange/users/vuldb/statuses/115918111077763770 2026-01-19 17:25:42+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcs5xitfz22m 2026-01-19 17:56:35+00:00| seen|...
PT-2026-3418
Name of the Vulnerable Software and Affected Versions UTT HiPER 810 version 1.7.4-141218 Description A buffer overflow issue exists in the strcpy function within the /goform/setSysAdm file of UTT HiPER 810. Manipulation of the passwd1 argument triggers the overflow. Remote exploitation is possibl...
EUVD-2026-1162
RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.13 to 1.0.0-alpha.78, RustFS contains a path traversal vulnerability in the /rustfs/rpc/readfilestream endpoint. This issue has been patched in version 1.0.0-alpha.79...
ECHO-55F2-1162-D171
Bulletin has no description...
Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2025-1162)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1162 advisory. There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommen...
CVE-2013-1162
The traffic engineering TE processing subsystem in Cisco IOS XR allows remote attackers to cause a denial of service process restart via crafted TE packets, aka Bug ID CSCue04000...
CVE-2025-1162 code-projects Job Recruitment load\_user-profile.php sql injection
A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /\parse/load\user-profile.php. The manipulation of the argument userhash leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2022-1162
A hardcoded password was set for accounts registered using an OmniAuth provider e.g. OAuth, LDAP, SAML in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowing attackers to potentially take over accounts...
openSUSE Security Advisory (SUSE-SU-2024:1162-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-1162
CVE-2024-1162 overview (Orbit Fox, ThemeIsle, WordPress) : The Orbit Fox plugin (ThemeIsle) for WordPress is vulnerable to Cross-Site Forgery via a missing/incorrect nonce validation in the register_reference() function, affecting versions up to and including 2.10.29. This CSRF flaw can allow una...
WordPress Orbit Fox by ThemeIsle Plugin <= 2.10.29 is vulnerable to Cross Site Request Forgery (CSRF)
Software Orbit Fox by ThemeIsle Type Plugin Vulnerable versions = 2.10.29 Fixed in 2.10.230 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1162 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4eb624d90158 Credits Francesc...
CVE-2023-1162
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5. Affected is an unknown function of the file mainfunction.cgi of the component Web Management Interface. The manipulation of the argument password leads to command injectio...
CVE-2023-1162 DrayTek Vigor 2960 Web Management Interface mainfunction.cgi command injection
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5. Affected is an unknown function of the file mainfunction.cgi of the component Web Management Interface. The manipulation of the argument password leads to command injectio...
CVE-2023-1162
The CVE concerns DrayTek Vigor 2960 Web Management Interface mainfunction.cgi. Affects versions 1.5.1.4/1.5.1.5; vulnerability arises from inadequate handling of the password argument in the mainfunction.cgi function, enabling remote command injection. Exploitation can be performed remotely, and ...
SUSE CVE-2011-1161
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-1160, CVE-2011-1162. Reason: This candidate was withdrawn by its CNA. Further investigation showed that only two candidates, CVE-2011-1160 and CVE-2011-1162, were needed for the set of security issues in question. Notes: none...
GitLab Hardcoded Credentials (CVE-2022-1162)
A hardcoded credentials vulnerability exists in GitLab. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...
openSUSE: Security Advisory for subversion (SUSE-SU-2022:1162-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Gitlab 14.9 Authentication Bypass
Exploit Title: Gitlab 14.9 - Authentication Bypass Date: 12/04/2022 Exploit Authors: Greenwolf & stacksmashing Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to...
Gitlab 14.9 - Authentication Bypass Vulnerability
Exploit Title: Gitlab 14.9 - Authentication Bypass Exploit Authors: Greenwolf & stacksmashing Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 Tested on:...
Gitlab 14.9 - Authentication Bypass
Exploit Title: Gitlab 14.9 - Authentication Bypass Date: 12/04/2022 Exploit Authors: Greenwolf Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 Tested on:...