CVE-2026-6167

A vulnerability was detected in code-projects Faculty Management System 1.0. Impacted is an unknown function of the file /subject-print.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2025-6167

A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0.5.5. Affected is the function createworkflow of the file pythona2a/agentflow/server/api.py. The manipulation leads to path traversal. Upgrading to version 0.5.6 is able to address this issue. It is recommend...

CVE-2025-6167

creationtimestamp| type| source ---|---|--- 2025-06-17 07:36:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18571...

CVE-2025-6167

A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0.5.5. Affected is the function createworkflow of the file pythona2a/agentflow/server/api.py. The manipulation leads to path traversal. Upgrading to version 0.5.6 is able to address this issue. It is recommend...

Linux Distros Unpatched Vulnerability : CVE-2013-6167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote...

CVE-2023-6167

creationtimestamp| type| source ---|---|--- 2025-02-11 02:17:12+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhulq4rvrl2h...

CVE-2024-6167

creationtimestamp| type| source ---|---|--- 2024-07-09 11:49:47+00:00| seen| https://t.me/cvedetector/277...

CVE-2024-6167

The CVE-2024-6167 issue in the Just Custom Fields WordPress plugin is a missing capability check in several admin AJAX functions, enabling authenticated users with Subscriber-level access (and above) to invoke admin‑only functionality such as managing field groups and item visibility. Affected ve...

WordPress Just Custom Fields Plugin <= 3.3.2 is vulnerable to Broken Access Control

Software Just Custom Fields Type Plugin Vulnerable versions = 3.3.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6167 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 899cda063365 Credits Francesco Carlucci Required...

RHEL 6 : firefox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Mozilla: Type confusion for special arguments in IonMonkey CVE-2020-15656 - Mozilla: Malicious Extension...

RHEL 9 : libguestfs-winsupport (RHSA-2023:6167)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6167 advisory. The libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and modify...

Oracle Linux 9 : libguestfs-winsupport (ELSA-2023-6167)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-6167 advisory. - Fixes: CVE-2022-40284 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested...

Ubuntu: Security Advisory (USN-6167-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 : QEMU vulnerabilities (USN-6167-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6167-1 advisory. It was discovered that QEMU did not properly manage the guest drivers when shared buffers are not allocated. ...

K68652018: iControl REST vulnerability CVE-2021-22974

Security Advisory Description An authenticated attacker with access to iControl REST over the control plane may be able to take advantage of a race condition to execute commands with an elevated privilege level. This vulnerability is due to an incomplete fix for CVE-2017-6167. CVE-2021-22974...

K24465120: iControl REST vulnerability CVE-2017-6167

Security Advisory Description Race conditions in iControl REST may lead to commands executed with different privilege levels than expected. CVE-2017-6167 Impact Sending asynchronous tasks using the iControl REST API may be processed as the wrong user and result in an error. Security Advisory Stat...

Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server Version 7.0.0.37

Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server 7.0.0.37, IBM WebSphere Application Server Hypervisor 7.0.0.37 and IBM HTTP Server 7.0.0.37 Vulnerability Details CVE ID:CVE-2014-6167 APAR PI23819 DESCRIPTION: IBM WebSphere Application Server may ...

RHEL 8 : thunderbird (RHSA-2022:6167)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6167 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.13.0. Security Fixes: Mozilla:...

Mageia: Security Advisory (MGASA-2018-0343)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-6167

creationtimestamp| type| source ---|---|--- 2021-02-12 20:43:46+00:00| seen| https://t.me/cibsecurity/23548...