129 matches found
CVE-2026-2179
A vulnerability was determined in PHPGurukul Hospital Management System 4.0. This impacts an unknown function of the file /admin/manage-users.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be...
CVE-2026-2179 PHPGurukul Hospital Management System manage-users.php sql injection
A vulnerability was determined in PHPGurukul Hospital Management System 4.0. This impacts an unknown function of the file /admin/manage-users.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be...
MiracleLinux 7 : openssl-1.0.1e-51.el7.7 (AXSA:2016-685:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-685:04 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...
EUVD-2014-3910
Malware in sbrugna...
CVE-2025-2179
| creationtimestamp | type | source |
|---|---|---|
| 2025-07-28 17:00:00+00:00 | seen | https://security.paloaltonetworks.com/CVE-2025-2179 |
| 2025-07-28 23:03:21+00:00 | seen | https://bsky.app/profile/ripjyr.bsky.social/post/3lv2pa6kstg27 |
| 2025-08-07 01:59:23+00:00 | seen | ... |
CVE-2024-2179
Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS via the Name field of a Group type since there is insufficient validation of administrator provided data for that field. A rogue administrator could inject malicious code into the Name field which might be executed when users visit t...
CVE-2019-2179
In NDEFMsgValidate of ndefutils in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2015-2179
The xaviershay-dm-rails gem 0.10.3.8 for Ruby allows local users to discover MySQL credentials by listing a process and its arguments...
CVE-2004-2179
asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values...
Siemens SCALANCE X-200RNA Switch Devices Resource Management Errors (CVE-2016-2179)
The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related t...
CVE-2024-2179
CVE-2024-2179 affects Concrete CMS versions before 9.2.7. A Stored XSS flaw exists in the Name field of a Group type due to insufficient validation of administrator-provided data, potentially allowing code execution when affected pages are viewed. Multiple sources corroborate the impact and scope...
CVE-2015-2179
The CVE-2015-2179 issue affects the xaviershay-dm-rails gem for Ruby, version 0.10.3.8, where a flaw in the execute() function in /datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb exposes sensitive information via the process table. This can allow local users to discover MySQL credentials ...
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2023-2179)
The remote host is missing an update for the Huawei EulerOS...
CVE-2023-2179
| creationtimestamp | type | source |
|---|---|---|
| 2023-05-15 16:43:06+00:00 | seen | https://t.me/cibsecurity/64117 |
| 2025-01-24 21:05:20+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/3026 |

...
CVE-2023-2179
The WooCommerce Order Status Change Notifier WordPress plugin through 1.1.0 does not have authorisation and CSRF when updating status orders via an AJAX action available to any authenticated users, which could allow low privilege users such as subscriber to update arbitrary order status, making...
CVE-2023-2179 WooCommerce Order Status Change Notifier <= 1.1.0 - Subscriber+ Arbitrary Order Status Update
The WooCommerce Order Status Change Notifier WordPress plugin through 1.1.0 does not have authorisation and CSRF when updating status orders via an AJAX action available to any authenticated users, which could allow low privilege users such as subscriber to update arbitrary order status, making...
Oracle Linux 9 : libguestfs-winsupport (ELSA-2023-2179)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-2179 advisory. 9.2-1 - Rebase to ntfs-3g 2022.5.17 - Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784, CVE-2022-30785, CVE-2022-30786, CVE-2022-30787,...
AlmaLinux 9 : libguestfs-winsupport (ALSA-2023:2179)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2179 advisory. - ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated;...