Oracle Linux 10 : git-lfs (ELSA-2026-4164)
The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-4164 advisory. 3.6.1-7 - Rebuild with new Golang 3.6.1-6 - Rebuild with new Golang 3.6.1-5 - Rebuild with new Golang Tenable has extracted the preceding description...
RHSA-2026:4164 Red Hat Security Advisory: git-lfs security update
Bulletin has no description...
EUVD-2026-4164
MeetingHub developed by HAMASTAR Technology has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access specific API functions and obtain meeting-related information...
CVE-2009-4164
Cross-site scripting (XSS) vulnerability in the simple Glossar (simpleglossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2023-4164
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed...
EUVD-2017-4164
Malware in sbrugna...
RHSA-2024:4164
creationtimestamp| type| source ---|---|--- 2025-08-01 19:46:22+00:00| seen| Telegram/O8FwmjqjKQMaQrdgMgHP9iBegxKxQxSENSkPsU2n4egHQc...
CVE-2022-4164
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cgmultiplefilesforpost POST parameter before concatenating it to an SQL query in 0change-gallery.php. This may allow malicious users with at least author privilege to leak...
Debian: Security Advisory (DLA-4164-1)
The remote host is missing an update for the Debian... SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
DLA-4164-1 libeconf - security update
Bulletin has no description...
CVE-2025-4164
A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to launch the attack remotely...
CVE-2025-4164
CVE-2025-4164 describes a SQL injection in PHPGurukul Employee Record Management System v1.3, triggered by manipulating the currentpassword argument in changepassword.php. The vulnerability affects an unknown function within changepassword.php and is exploitable remotely, with public disclosure o...
CVE-2025-4164 PHPGurukul Employee Record Management System changepassword.php sql injection
A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to launch the attack remotely...
Linux Distros Unpatched Vulnerability : CVE-2015-4164
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of...
Ruby on Rails JSON Processor Floating Point Heap Overflow Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby on Rails JSON Processor Floating Point Heap Overflow DoS', 'Description' = %q When Ruby attempts to convert a string representation of a lar...
RHEL 8 : pki-core (RHSA-2024:4164)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4164 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: dogtag ca: token...
CVE-2024-4164 Tenda G3 ModifyPppAuthWhiteMac formModifyPppAuthWhiteMac stack-based overflow
A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.179502. This issue affects the function formModifyPppAuthWhiteMac of the file /goform/ModifyPppAuthWhiteMac. The manipulation of the argument pppoeServerWhiteMacIndex leads to stack-based buffer overflow. The...
openSUSE: Security Advisory for the Linux Kernel RT (Live Patch 13 for SLE 15 SP4) (SUSE-SU-2023:4164-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
CVE-2023-4164
CVE-2023-4164 affects Google Pixel Watch. It describes a local information-disclosure vulnerability caused by a missing permission check that could expose health data without extra privileges. Public details confirm the issue but do not provide exploit specifics. Impact is focused on confidential...