CVE-2026-4165

A vulnerability has been found in Worksuite HR, CRM and Project Management up to 5.5.25. The affected element is an unknown function of the file /account/orders/create. The manipulation of the argument Client Note leads to cross site scripting. The attack can be initiated remotely. The exploit ha...

AlmaLinux 9 : python3.12 (ALSA-2026:4165)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4165 advisory. cpython: IMAP command injection in user-controlled commands CVE-2025-15366 cpython: POP3 command injection in user-controlled commands CVE-2025-15367...

CVE-2017-4165

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none...

EUVD-2026-4165

Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart allows a privileged user to upload arbitrary file contents while only validating the filename extension. This allows an attacker to include and execute uploaded PHP code,...

MiracleLinux 4 : kernel-2.6.32-71.18.1.el6 (AXSA:2011-80:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-80:02 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

EUVD-2007-4150

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-4165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes...

CVE-2022-4165

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cgorder POST parameter before concatenating it to an SQL query in order-custom-fields-with-and-without-search.php. This may allow malicious users with at least author...

CVE-2013-4165

The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote attackers to determine passwords via a timing side-channel attack...

CVE-2022-4165

creationtimestamp| type| source ---|---|--- 2025-04-11 23:51:26+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11517...

CVE-2024-4165

creationtimestamp| type| source ---|---|--- 2025-01-05 01:33:15+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/61 2025-01-05 01:35:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/83 2025-01-05 01:38:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/105...

Rocky Linux 9 : pki-core (RLSA-2024:4165)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:4165 advisory. dogtag ca: token authentication bypass vulnerability CVE-2023-4727 Tenable has extracted the preceding description block directly from the Rocky Linux security...

Oracle Linux 9 : pki-core (ELSA-2024-4165)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4165 advisory. 11.5.0-2.0.1 - Replaced upstream graphical references Orabug: 33952704 11.5.0-2 - RHEL-9916 CVE-2023-4727 pki-core: dogtag ca: token authentication bypass...

RHEL 9 : pki-core (RHSA-2024:4165)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4165 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: dogtag ca: token...

CVE-2023-4165

creationtimestamp| type| source ---|---|--- 2023-08-12 14:58:46+00:00| published-proof-of-concept| https://t.me/CNArsenal/858...

RHEL 8 : java-11-openjdk (RHSA-2023:4165)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4165 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

CVE-2022-4165 Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cgorder POST parameter before concatenating it to an SQL query in order-custom-fields-with-and-without-search.php. This may allow malicious users with at least author...

CVE-2022-4165 Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cgorder POST parameter before concatenating it to an SQL query in order-custom-fields-with-and-without-search.php. This may allow malicious users with at least author...

CVE-2022-4165

CVE-2022-4165 affects the Contest Gallery WordPress plugin (prior to 19.1.5.1) and Contest Gallery Pro (prior to 19.1.5.1). The root cause is failure to escape the cg_order POST parameter before concatenating it into an SQL query in order-custom-fields-with-and-without-search.php, enabling a user...

ai.grakn:grakn-dist (>=0.7.0 <=0.16.0), ai.grakn:grakn-test (=0.10.0) +531 more potentially affected by CVE-2015-4165 via org.elasticsearch:elasticsearch (>=0.10.0 <=1.5.2)

org.elasticsearch:elasticsearch MAVEN version =0.10.0, =0.7.0, =0.6.1, =0.11.0, =0.3.0, =1.0.1, =1.0.0, =1.1.2, =1.0.0, =0.20.3-build002, =0.1PRE2, =0.1PRE1, =0.1PRE3 and more Source cves: CVE-2015-4165 Source advisory: OSV:GHSA-FH5X-4J57-6Q5X...