132 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001165)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001165 advisory. drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have...
MiracleLinux 4 : openssl-1.0.0-20.AXS4.3 (AXSA:2012-459:04)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-459:04 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...
CVE-2022-38664
Jenkins Job Configuration History Plugin 1165.v8cc9fd1f4597 and earlier does not escape the job name on the System Configuration History page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure job names...
CVE-2025-1165
A vulnerability, which was classified as critical, was found in Lumsoft ERP 8. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...
CVE-2022-1165
The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers such as CF-CONNECTING-IP, CLIENT-IP etc to determine the IP address of requests hitting the blackhole URL, which allows them to be spoofed. This could result in blocking arbitrary IP addresses, such as legitimate/good search...
CVE-2020-1165
An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1111, CVE-2020-1121, CVE-2020-1166...
CVE-2013-1165
Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) allows remote attackers to cause a denial of service (card reload) by sending many crafted L2TP packets, aka Bug ID CSCtz23293...
Linux Distros Unpatched Vulnerability : CVE-2012-1165
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL...
Linux Distros Unpatched Vulnerability : CVE-2011-1165
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting...
CVE-2025-1165
Lumsoft ERP 8 is affected by CVE-2025-1165 in the DoUpload/DoWebUpload function of /Api/FileUploadApi.ashx. The vulnerability arises from manipulating the file argument to enable unrestricted remote uploads. Public exploits have been disclosed. Red Hat and community advisories corroborate the iss...
CVE-2025-1165 Lumsoft ERP FileUploadApi.ashx DoWebUpload unrestricted upload
A vulnerability, which was classified as critical, was found in Lumsoft ERP 8. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-1165
creationtimestamp | type | source
---|---|---
2024-02-26 17:42:21+00:00 | seen | https://t.me/ctinow/193543
2024-03-14 03:51:26+00:00 | seen | https://t.me/ctinow/207409
...
CVE-2024-1165
The Brizy – Page Builder plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.39 via the 'id'. This makes it possible for authenticated attackers, with contributor-level access and above, to upload files to arbitrary locations on the server...
WordPress Brizy Plugin <= 2.4.40 is vulnerable to Directory Traversal
Software: Brizy; Type: Plugin; Vulnerable versions: <= 2.4.40; Fixed in: 2.4.41; OWASP Top 10: A1: Broken Access Control; Classification: Directory Traversal; CVE: CVE-2024-1165; Patch priority: Low; CVSS severity: Low (4.3); PSID: d07c7816cd90; Credits: wesley wcraft; Required privilege...
CVE-2024-1165
Brizy – Page Builder (WordPress)
CVE-2023-1165 Zhong Bang CRMEB Java list sql injection
A vulnerability was found in Zhong Bang CRMEB Java 1.3.4. It has been classified as critical. This affects an unknown part of the file /api/admin/system/store/order/list. The manipulation of the argument keywords leads to sql injection. The exploit has been disclosed to the public and may be used...
CVE-2023-1165
CVE-2023-1165 affects Zhong Bang CRMEB Java 1.3.4. The issue resides in the /api/admin/system/store/order/list endpoint, where manipulating the keywords parameter leads to SQL injection. Multiple sources confirm a critical vulnerability with exploit having been disclosed publicly. No patch/versio...
Jenkins Job Configuration History Plugin Cross-Site Scripting Vulnerability
Jenkins and Jenkins Plugin are both open source Jenkins products. Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A cross-site scripting...
PT-2022-24514 · Jenkins · Jenkins Job Configuration History Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Job Configuration History Plugin versions 1165.v8cc9fd1f4597 and earlier. Description: The issue results in a stored cross-site scripting (XSS) vulnerability. This occurs because the job name on the System Configuration History page is n...
CVE-2022-1165 Blackhole for Bad Bots < 3.3.2 - Arbitrary IP Address Blocking via IP Spoofing
The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers such as CF-CONNECTING-IP, CLIENT-IP etc to determine the IP address of requests hitting the blackhole URL, which allows them to be spoofed. This could result in blocking arbitrary IP addresses, such as legitimate/good search...