CVE-2026-6164
A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a manipulation of the argument cata results in sql injection. The attack can be initiated remotely. The exploit has been released to the publi...
CVE-2026-6164
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-13 07:18:08+00:00 | seen | Telegram/IHOzCDm6ocMXwhKClYe85fycTrPO6GtT3pOiprPCJXwKD8... |
RHSA-2026:6164 Red Hat Security Advisory: kernel security update
Bulletin has no description...
CVE-2025-6164
A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It has been classified as critical. This affects an unknown part of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...
CVE-2025-6164
TOTOLINK A3002R (version 4.0.0-B20230531.1404) contains a buffer overflow in the HTTP POST Request Handler, originating from the /boafrm/formMultiAP file when processing the submit-url parameter. The issue can be exploited remotely and affects the specified component, per multiple sources. Some r...
CVE-2025-6164
| creationtimestamp | type | source |
|---|---|---|
| 2025-06-16 13:54:33+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/114693378725524836 |
| 2025-06-17 05:40:41+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/18564 |
| 2025-06-17 07:27:58+00:00 | seen | ... |
CVE-2024-6164
| creationtimestamp | type | source |
|---|---|---|
| 2024-07-18 09:16:25+00:00 | seen | https://t.me/cvedetector/1141 |
| 2024-08-30 06:52:02+00:00 | published-proof-of-concept | https://t.me/codeb0ss/1554 |
| 2024-08-31 12:29:12+00:00 | published-proof-of-concept | ... |
CVE-2024-6164
The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the postlayout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files...
CVE-2024-6164 Filter & Grids < 2.8.33 - Unauthenticated LFI
The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the postlayout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files...
WordPress Filter & Grids Plugin < 2.8.33 is vulnerable to Local File Inclusion
| Field | Value |
|---|---|
| Software | Filter & Grids |
| Type | Plugin |
| Vulnerable versions | < 2.8.33 |
| Fixed in | 2.8.33 |
| OWASP Top 10 | A1: Injection |
| Classification | Local File Inclusion |
| CVE | CVE-2024-6164 |
| Patch priority | High |
| CVSS severity | High 8.1 |
| PSID | fa64410035b5 |
| Credits | Project Black |
| Required privilege | ... |
CVE-2023-6164
The CVE-2023-6164 entry concerns the MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance plugin for WordPress. It is vulnerable to CSS Injection via the newColor parameter due to insufficient input sanitization in all versions up to and including 4.5.1.2. The issue affects aut...
Rocky Linux 8 : thunderbird (RLSA-2022:6164)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:6164 advisory. - An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar...
Ubuntu 16.04 ESM / 18.04 ESM : c-ares vulnerabilities (USN-6164-2)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6164-2 advisory. USN-6164-1 fixed several vulnerabilities in c-ares. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : c-ares vulnerabilities (USN-6164-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6164-1 advisory. Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares to...
RHEL 8 : thunderbird (RHSA-2022:6164)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6164 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.13.0. Security Fixes: Mozilla:...
Oracle Linux 8 : thunderbird (ELSA-2022-6164)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-6164 advisory. 91.13.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.13.0-1 - Update to 91.13.0 build1 Tenable has...
Mageia: Security Advisory (MGASA-2018-0343)
The remote host is missing an update for the...
CVE-2020-6164
CVE-2020-6164 (SilverStripe) affects SilverStripe up to version 4.5.0. A preconfigured URL path in the silverstripe/framework module can disclose that a domain is hosting a SilverStripe application. The impact is information disclosure about the existence of the platform; the path’s functionality...
CVE-2018-6164
CVE-2018-6164 relates to Google Chrome/Chromium’s Blink component. The initial CVE description notes “insufficient origin checks for CSS content in Blink” which allowed a remote attacker to leak cross-origin data via a crafted HTML page. Connected documents corroborate a broader class of cross-or...