CVE-2025-9162 vulnerabilities

Vulnerabilities for packages: keycloak...

CVE-2018-9162

Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...

RockyLinux 9 : gimp (RLSA-2025:9162)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:9162 advisory. gimp: Multiple use after free in XCF parser CVE-2025-48798 gimp: Multiple heap buffer overflows in TGA parser CVE-2025-48797 gimp: GIMP ICO File Parsing...

com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak (=24.3.0.0), com.github.wnameless.spring.boot.up:spring-boot-up-keycloak-plugin (=24.3.0.0) +8 more potentially affected by CVE-2025-9162 via org.keycloak:keycloak-model-storage-services (>=24.0.0 <=24.0.5)

org.keycloak:keycloak-model-storage-services MAVEN version =24.0.0, =2.5.6-24.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.5 Source cves: CVE-2025-9162 Source advisory: OSV:GHSA-8HXP-QMPH-W5GQ...

net.optionfactory.keycloak:optionfactory-keycloak-providers (>=8.1 <=8.9), org.keycloak.testframework:keycloak-test-framework-clustering (>=26.3.0 <=26.3.3) +21 more potentially affected by CVE-2025-9162 via org.keycloak:keycloak-model-storage-services (>=26.3.0 <=26.3.3)

org.keycloak:keycloak-model-storage-services MAVEN version =26.3.0, =8.1, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.3 and more Source cves: CVE-2025-...

Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.0.15 Update

New Red Hat build of Keycloak 26.0.15 packages are available from the Customer Portal Red Hat build of Keycloak 26.0.15 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security...

Keycloak <= 26.3.3 Code Injection (GHSA-w2wj-hw98-233h)

The version of Keycloak installed on the remote host is prior or equal to 26.3.3. It is, therefore, affected by code injection vulnerability as reference in GHSA-w2wj-hw98-233h advisory. - A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource...

de.arbeitsagentur.opdt:keycloak-cassandra-model-tests (>=4.1.0-26.0 <=5.4.3-26.2), net.optionfactory.keycloak:optionfactory-keycloak-providers (>=8.1 <=8.9) +24 more potentially affected by CVE-2025-9162 via org.keycloak:keycloak-model-storage-services (>=26.0.0 <=26.3.5)

org.keycloak:keycloak-model-storage-services MAVEN version =26.0.0, =4.1.0-26.0, =8.1, =26.3.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.0, =26.2.0, =26.1.0, =26.1.0, =26.3.5 - org.keycloak.testframework:keycloak-test-framework-ui...

CVE-2025-9162

creationtimestamp| type| source ---|---|--- 2025-08-21 16:10:50+00:00| seen| Telegram/IyHd3dSgRZw2DLPMoGGTLjwPVmN0ykIsIhhkGiSt-xzl9o...

RHSA-2025:9162

creationtimestamp| type| source ---|---|--- 2025-06-17 09:41:29+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18574...

Oracle Linux 9 : gimp (ELSA-2025-9162)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9162 advisory. - fix CVE-2025-5473 RHEL-95700 - fix CVE-2025-48797 RHEL-93521 Tenable has extracted the preceding description block directly from the Oracle Linux...

Linux Distros Unpatched Vulnerability : CVE-2017-9162

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libautotrace.a in AutoTrace 0.31.1 has a cannot be represented in type int issue in autotrace.c:191:2. CVE-2017-9162 Note that Nessus relies on the presence of...

CVE-2024-9162

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86. This makes it possible for authenticated attackers, with Administrator-level access and above...

CVE-2024-9162

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86. This makes it possible for authenticated attackers, with Administrator-level access and above...

CVE-2024-9162

The CVE CVE-2024-9162 affects All-in-One WP Migration and Backup for WordPress. It enables arbitrary PHP code injection during export due to missing file-type validation in versions up to 7.86, requiring Administrator+ authentication to craft a .php export file which may lead to remote code execu...

WordPress All-in-One WP Migration Plugin <= 7.86 is vulnerable to PHP Object Injection

Software All-in-One WP Migration Type Plugin Vulnerable versions = 7.86 Fixed in 7.87 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-9162 Patch priority Low CVSS severity Low 7.2 Developer ServMask, Inc PSID 44c4c1ddd033 Credits Ryan Kozak Required privilege...

Exploit for CVE-2024-9162

CVE-2024-9162 All-in-One WP Migration and Backup SELECT op...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a...

SUSE CVE-2014-9162

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to obtain sensitive information via unspecified vectors...

Mageia: Security Advisory (MGASA-2014-0521)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...