RHCOS 3 : OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2020:0964)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0964 advisory. - openshift/jenkins-plugin: Deserialization in snakeyaml YAML objects allows for remote code execution CVE-2020-2167 Note that Nessus has not...

CVE-2026-2167

A vulnerability was detected in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setAPNetwork of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Ipaddr results in os command injection. The attack may be performed from remote. The exploit is now public and m...

EUVD-2026-2167

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...

CVE-2019-2167

In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118615501...

CVE-2005-2167

Cross-site scripting XSS vulnerability in index.php in Plague News System 0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the cid parameter...

CVE-2025-2167

creationtimestamp| type| source ---|---|--- 2025-03-26 09:26:01+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8817 2025-03-26 12:12:47+00:00| seen| https://t.me/cvedetector/21160...

CVE-2025-2167 Event post <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Event post plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eventslist' shortcodes in all versions up to, and including, 5.9.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

RHEL 7 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: moddavsvn integer overflow when parsing skel-encoded request bodies CVE-2015-5343 - The...

RHEL 5 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: Command injection through clients via malicious svn+ssh URLs CVE-2017-9800 - The...

RHEL 7 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: svnserve/sasl may authenticate users using the wrong realm CVE-2016-2167 - The reqcheckaccess...

CVE-2013-2167

creationtimestamp| type| source ---|---|--- 2024-03-09 11:11:58+00:00| seen| https://t.me/ctinow/203884...

Amazon Linux 2 : bluez (ALAS-2023-2167)

The version of bluez installed on the remote host is prior to 5.44-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2167 advisory. A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially...

Oracle Linux 9 : grafana (ELSA-2023-2167)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-2167 advisory. - resolve CVE-2022-39229 grafana: Using email as a username can prevent other users from signing in - resolve CVE-2022-2880 CVE-2022-41715 grafana:...

Debian: Security Advisory (DLA-448-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2016-2167

The canonicalizeusername function in svnserve/cyrusauth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repositor...

CVE-2022-2167

creationtimestamp| type| source ---|---|--- 2022-10-31 19:38:21+00:00| seen| https://t.me/cibsecurity/52306...

CVE-2022-2167

The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting...

CVE-2022-2167

CVE-2022-2167 affects the Newspaper WordPress theme prior to v12. The issue is a reflected XSS in which a parameter is not sanitized before being echoed back into an HTML attribute via an AJAX action, enabling script execution in the victim’s browser. Public-enrichment sources consistently identi...

CVE-2022-2167 Newspaper < 12 - Reflected Cross-Site Scripting

The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting...

Important: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...