
113 matches found

RedhatCVE
added 2026/02/09 7:23 p.m., 3 views

CVE-2026-2164

A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some unknown processing of the file /seller/assets/backend/profile/addadhar.php. Performing a manipulation of the argument File results in unrestricted upload. Remote exploitation of the attack is possible. Th...

CVSS 9.8 | AI score 5.2 | EPSS 0.0005
Exploits: 1 | References: 1

ATTACKERKB
added 2026/02/08 4:32 p.m., 3 views

CVE-2026-2164

A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some unknown processing of the file /seller/assets/backend/profile/addadhar.php. Performing a manipulation of the argument File results in unrestricted upload. Remote exploitation of the attack is possible. Th...

CVSS 7.5 | AI score 7 | EPSS 0.0005
Exploits: 1 | References: 6 | Affected Software: 1

CVE
added 2026/02/08 4:32 p.m., 7 views

CVE-2026-2164

Detronetdip E-commerce 1.0.0 is affected by an unrestricted upload vulnerability in the file path /seller/assets/backend/profile/addadhar.php. The issue arises from manipulating the File argument, enabling remote code upload and exploitation. Public exploitation has been released, and maintainers...

CVSS 9.8 | AI score 7.1 | EPSS 0.0005
Exploits: 1 | References: 6 | Affected Software: 1

EUVD
added 2026/01/13 5:56 p.m., 2 views

EUVD-2026-2164

Heap-based buffer overflow in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...

CVSS 7.8 | AI score 6.9 | EPSS 0.00057
Exploits: 0 | References: 2

RedhatCVE
added 2026/01/09 10:15 a.m., 3 views

CVE-2019-2164

In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10 Android ID: A-113263695...

CVSS 6.5 | AI score 6.3 | EPSS 0.00125
Exploits: 0 | References: 1

Tenable Nessus
added 2025/08/08 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2021-2164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily...

CVSS 4.9 | AI score 6 | EPSS 0.01233
Exploits: 0 | References: 2

RedhatCVE
added 2025/03/17 4:6 a.m., 12 views

CVE-2025-2164

The pixelstats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'postid' and 'sortby' parameters in all versions up to, and including, 0.8.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVSS 6.1 | AI score 6.3 | EPSS 0.00467
Exploits: 0 | References: 1

Vulnrichment
added 2025/03/15 3:23 a.m., 8 views

CVE-2025-2164 pixelstats <= 0.8.2 - Reflected Cross-Site Scripting

The pixelstats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'postid' and 'sortby' parameters in all versions up to, and including, 0.8.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVSS 6.1 | AI score 6 | EPSS 0.00467
Exploits: 0 | References: 4

OpenVAS
added 2024/03/04 12:0 a.m., 31 views

openSUSE: Security Advisory for chromium (openSUSE-SU-2022:10035-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 7.3 | EPSS 0.01388
Exploits: 1 | References: 2

SUSE CVE
added 2023/10/31 2:27 a.m., 1 views

SUSE CVE-2021-2164

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVSS 4.9 | AI score 6.5 | EPSS 0.01233
Exploits: 0 | References: 2

Circl
added 2023/08/02 7:39 a.m., 3 views

CVE-2023-2164

creationtimestamp | type | source
---|---|---
2023-08-02 07:39:06+00:00 | seen | https://t.me/cibsecurity/67554...

CVSS 5.4 | AI score 5.4 | EPSS 0.52173
Exploits: 0 | References: 1

UbuntuCve
added 2023/08/02 12:0 a.m., 18 views

CVE-2023-2164

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to trigger a stored XSS vulnerability via user interaction with a crafted U...

CVSS 5.4 | AI score 6 | EPSS 0.52173
Exploits: 0 | References: 3

OSV
added 2023/08/01 11:36 p.m., 16 views

CVE-2023-2164 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to trigger a stored XSS vulnerability via user interaction with a crafted U...

CVSS 5.4 | AI score 4.9 | EPSS 0.52173
Exploits: 0 | References: 5

Debian CVE
added 2023/08/01 11:36 p.m., 53 views

CVE-2023-2164

Removed by vendor...

CVSS 5.4 | AI score 6 | EPSS 0.52173
Exploits: 0

Vulnrichment
added 2023/08/01 11:36 p.m., 17 views

CVE-2023-2164 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to trigger a stored XSS vulnerability via user interaction with a crafted U...

CVSS 5.4 | AI score 5.5 | EPSS 0.52173
Exploits: 0 | References: 2

Tenable Nessus
added 2023/08/01 12:0 a.m., 19 views

GitLab 15.9 < 16.0.8 / 16.1.0 < 16.1.3 / 16.2.0 < 16.2.2 (CVE-2023-2164)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was...

CVSS 5.4 | AI score 5.6 | EPSS 0.52173
Exploits: 0 | References: 4

OpenVAS
added 2022/07/29 12:0 a.m., 30 views

Fedora: Security Advisory for chromium (FEDORA-2022-1d3d5a0341)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8.8 | AI score 7.4 | EPSS 0.01496
Exploits: 1 | References: 4

Cvelist
added 2022/07/28 12:41 a.m., 16 views

CVE-2022-2164

Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page...

AI score 6.7 | EPSS 0.00247
Exploits: 0 | References: 5

AlpineLinux
added 2022/07/28 12:41 a.m., 36 views

CVE-2022-2164

Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page...

CVSS 6.3 | AI score 6.6 | EPSS 0.00247
Exploits: 0

CVE
added 2022/07/28 12:41 a.m., 233 views

CVE-2022-2164

CVE-2022-2164 is an issue in Google Chrome’s Extensions API (pre-103.0.5060.53) where an attacker could bypass discretionary access control via a crafted HTML page if the user installs a malicious extension. Affected software: Chrome (Extensions API). Root cause: inappropriate implementation in t...

CVSS 6.3 | AI score 6.2 | EPSS 0.00247
Exploits: 0 | References: 5 | Affected Software: 1