57 matches found

Tenable Nessus
added 2025/11/18 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-6171

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowe...

CVSS 5.3 | AI score 5.5 | EPSS 0.00019
Exploits 0 | References 2

Cvelist
added 2025/11/15 8:4 a.m. | 4 views

CVE-2025-6171 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker with reporter access to view branch names and pipeline details by accessing the packages API endpoint even wh...

CVSS 5.3 | EPSS 0.00019
Exploits 0 | References 3

RedhatCVE
added 2025/10/22 12:12 p.m. | 5 views

CVE-2025-9428

Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...

CVSS 8.8 | AI score 7.9 | EPSS 0.02303
Exploits 0 | References 1

OSV
added 2025/10/21 12:15 p.m. | 1 views

CVE-2025-9428

Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...

CVSS 8.8 | AI score 5.8 | EPSS 0.02303
Exploits 0 | References 1

Cvelist
added 2025/10/21 11:43 a.m. | 6 views

CVE-2025-9428 SQL Injection

Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...

CVSS 8.3 | EPSS 0.02303
Exploits 0 | References 1

EUVD
added 2025/10/21 11:43 a.m. | 2 views

EUVD-2025-35160

Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...

CVSS 8.3 | AI score 7.3 | EPSS 0.02303
Exploits 0 | References 2

Vulnrichment
added 2025/10/21 11:43 a.m. | 1 views

CVE-2025-9428 SQL Injection

Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...

CVSS 8.3 | AI score 7.5 | EPSS 0.02303
Exploits 0 | References 1

CNNVD
added 2025/10/21 12:0 a.m. | 2 views

ZOHO ManageEngine Analytics Plus Security Vulnerability

ZOHO ManageEngine Analytics Plus is a self-service IT analytics solution from ZOHO. Get a better view of your IT data with rich visualizations and dashboards. ZOHO ManageEngine Analytics Plus SQL Injection Vulnerability, the vulnerability is due to insufficient input validation. An attacker can...

CVSS 8.8 | AI score 7.8 | EPSS 0.02303
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 4:45 p.m. | 8 views

CVE-2020-6171

A cross-site scripting (XSS) vulnerability in the index page of the CLink Office 2.0 management console allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

CVSS 6.1 | AI score 5.7 | EPSS 0.09522
Exploits 1 | References 1

Circl
added 2024/07/09 7:38 a.m. | 0 views

CVE-2024-6171

creationtimestamp | type | source
---|---|---
2024-07-09 07:38:18+00:00 | seen | https://t.me/cvedetector/236...

CVSS 5.3 | AI score 4.8 | EPSS 0.002
Exploits 0 | References 1

Vulnrichment
added 2024/07/09 4:32 a.m. | 15 views

CVE-2024-6171 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - IP Address Spoofing to Antispam Bypass

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.5.112 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. Thi...

CVSS 5.3 | AI score 6.9 | EPSS 0.002
Exploits 0 | References 4

Cvelist
added 2024/07/09 4:32 a.m. | 18 views

CVE-2024-6171 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - IP Address Spoofing to Antispam Bypass

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.5.112 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. Thi...

CVSS 5.3 | EPSS 0.002
Exploits 0 | References 4

Tenable Nessus
added 2024/04/28 12:0 a.m. | 42 views

RHEL 8 : Red Hat Product OCP Tools 4.11 Openshift Jenkins (RHSA-2023:6171)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6171 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

CVSS 9.8 | AI score 7.9 | EPSS 0.94251
Exploits 48 | References 12

SUSE CVE
added 2023/02/15 4:30 a.m. | 1 views

SUSE CVE-2018-6171

Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension...

CVSS 5.7 | AI score 8.7 | EPSS 0.00046
Exploits 0 | References 7

OpenVAS
added 2022/01/28 12:0 a.m. | 24 views

Mageia: Security Advisory (MGASA-2018-0343)

The remote host is missing an update for the...

CVSS 9.6 | AI score 7.3 | EPSS 0.01904
Exploits 0 | References 7

CVE
added 2020/04/07 12:20 p.m. | 51 views

CVE-2020-6171

CVE-2020-6171 : CLink Office 2.0 management console index page is vulnerable to Cross‑Site Scripting via the lang parameter. Remote attackers can inject arbitrary script/HTML, with impact including potential data theft or session hijacking as described in connected sources. The CVSS shows MEDIUM ...

CVSS 6.1 | AI score 5.9 | EPSS 0.09522
Exploits 1 | References 1 | Affected Software 1

Cvelist
added 2020/04/07 12:20 p.m. | 18 views

CVE-2020-6171

A cross-site scripting (XSS) vulnerability in the index page of the CLink Office 2.0 management console allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

AI score 6 | EPSS 0.09522
Exploits 1 | References 1

RedhatCVE
added 2019/10/04 8:58 p.m. | 13 views

CVE-2008-6176

No description is available for this CVE...

AI score 6.5
Exploits 0 | References 3

RedhatCVE
added 2019/10/04 8:58 p.m. | 20 views

CVE-2008-6171

includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header...

CVSS 9.3 | AI score 7.3 | EPSS 0.0298
Exploits 0 | References 3

CVE
added 2019/08/19 2:56 p.m. | 61 views

CVE-2019-6171

CVE-2019-6171 affects older ThinkPad models where an attacker with administrative privileges or physical access can cause the Embedded Controller to accept unsigned firmware updates. Root cause is unsigned firmware update capability in the EC, enabling privilege escalation via BIOS/EC update path...

CVSS 7.2 | AI score 6.4 | EPSS 0.00047
Exploits 0 | References 1 | Affected Software 1