SUSE: Security Advisory (SUSE-SU-2026:1166-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-1166

creationtimestamp| type| source ---|---|--- 2026-03-25 06:10:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhugjcqvxp2g 2026-03-25 18:14:51+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/hitachi-security-advisory-av26-279 2026-03-25 20:03:03+00:00| seen|...

CVE-2026-1166

Open Redirect vulnerability in Hitachi Ops Center Administrator.This issue affects Hitachi Ops Center Administrator: from 10.2.0 before 11.0.8...

MiracleLinux 3 : xorg-x11-server-1.1.1-48.76.1.0.1.AXS3 (AXSA:2010-270:03)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-270:03 advisory. The X.Org X11 X server Security issues fixed with this release: CVE-2010-1166 No description available at the time of writing, please use the link provided...

Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2025-1166)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1166 advisory. Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1...

CVE-2020-1166

An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1111, CVE-2020-1121, CVE-2020-1165...

CVE-2025-1166

creationtimestamp| type| source ---|---|--- 2025-02-11 02:20:33+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhulw4sydy27 2025-02-11 05:38:22+00:00| seen| https://t.me/cvedetector/17640...

CVE-2025-1166

CVE-2025-1166 applies to SourceCodester Food Menu Manager 1.0. The vulnerability is in the file endpoint/update.php, enabling unrestricted file uploads and allowing remote exploitation. Impact is described as critical in multiple sources, with potential for arbitrary uploaded content and impact o...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2025-1166)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-1166

creationtimestamp| type| source ---|---|--- 2024-10-10 02:52:34+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/797...

CVE-2024-1166

The Image Hover Effects – Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Hover Effects Widget in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-2802

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-1166. Reason: This candidate is a reservation duplicate of CVE-2024-1166. Notes: All CVE users should reference CVE-2024-1166 instead of this candidate. All references and descriptions in this candidate have been remov...

Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2024-1166)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 5 : ELSA-2013-1166-1: / kernel (ELSA-2013-11661)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-11661 advisory. - The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize...

CVE-2023-1166

creationtimestamp| type| source ---|---|--- 2023-06-27 18:12:05+00:00| seen| https://t.me/cibsecurity/65573...

CVE-2023-1166

The CVE-2023-1166 issue affects the USM-Premium WordPress plugin prior to version 16.3. The root cause is inadequate sanitization/escaping of certain plugin settings, enabling Stored XSS by high-privilege users (e.g., administrators) even when unfiltered_html is disallowed (e.g., in multisite set...

WordPress Social Media & Share Icons Plugin <= 2.8.1 is vulnerable to Cross Site Scripting (XSS)

Software Social Media & Share Icons Type Plugin Vulnerable versions = 2.8.1 Fixed in 2.8.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1166 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e1cf41a27d19 Credits Mohamed Selim...

CVE-2022-1166

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/ folder, as it did not include a default PHP file, or .htaccess file. This could expose personal data such as people's resumes. Although Directory Listing can be prevented by securely configuring the we...

CVE-2022-1166

The CVE-2022-1166 issue affects the WordPress JobMonster Theme. The root cause is directory listing in the /wp-content/uploads/jobmonster/ folder due to absence of a default PHP file or .htaccess, which could expose personal data such as resumes. Public details in connected sources confirm the vu...

CVE-2021-20730

Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attacker to obtain configuration information via unspecified vectors...