CVE-2026-24844

creationtimestamp| type| source ---|---|--- 2026-02-04 20:40:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me2qd5diwb2o...

CVE-2026-24844 vulnerabilities

Vulnerabilities for packages: wolfictl, cg...

CVE-2024-24844

creationtimestamp| type| source ---|---|--- 2025-12-23 13:05:06+00:00| seen| https://gist.github.com/Darkcrai86/f9b1efb50934c965ac2c1300c62c3c7f 2025-12-23 13:29:53+00:00| seen| https://gist.github.com/Darkcrai86/ca9423a4f49e9cce5d9051f29533b39c...

CVE-2024-24844 WordPress PowerPack Pro for Elementor plugin <= 2.10.6 - Unauthenticated Plugin Settings Reset vulnerability

Missing Authorization vulnerability in IdeaBox Creations PowerPack Pro for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PowerPack Pro for Elementor: from n/a through 2.10.6...

CVE-2024-24844

CVE-2024-24844 concerns WordPress PowerPack Pro for Elementor (plugin), where versions up to and including 2.10.6 are affected by a missing authorization issue that allows unauthenticated exploitation of misconfigured access control, enabling unauthorized changes to plugin settings. The root caus...

CVE-2025-24844

in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory...

CVE-2025-24844

creationtimestamp| type| source ---|---|--- 2025-07-30 07:59:24+00:00| seen| https://vulnerability.circl.lu/bundle/9d7fef5d-952d-4ecc-880d-94d02304e7a3...

CVE-2021-24844

The Affiliates Manager WordPress plugin before 2.8.7 does not validate the orderby parameter before using it in an SQL statement in the admin dashboard, leading to an SQL Injection issue...

CVE-2022-24844

Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. The problem occurs in the following code in server/service/system/sysautocodepgsql.go, which means that PostgreSQL must be used as the database for this vulnerability to occu...

CVE-2024-13048

CVE-2024-13048 affects Ashlar-Vellum Cobalt XE: the vulnerability resides in the XE file parser, caused by insufficient validation of user-provided data, which can trigger a write past the end of an allocated buffer. This out-of-bounds write can allow an attacker to execute code in the context of...

WordPress PowerPack Pro for Elementor Plugin <= 2.10.6 is vulnerable to Settings Change

Software PowerPack Pro for Elementor Type Plugin Vulnerable versions = 2.10.6 Fixed in 2.10.8 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-24844 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID ad539f87b78f Credits Dave Jong Patchstac...

CVE-2023-24844

creationtimestamp| type| source ---|---|--- 2023-10-03 12:41:14+00:00| seen| https://t.me/cibsecurity/71473...

CVE-2023-24844 Improper Access Control in Core

Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range...

CVE-2023-24844

CVE-2023-24844 involves memory corruption in the Core when invoking the Access Control core library with a hardware-protected address range. Affected product area: Qualcomm components (closed‑source). The description consistently states memory corruption as the issue; no concrete exploitation det...

CVE-2023-24844 Improper Access Control in Core

Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range...

CVE-2022-24844

creationtimestamp| type| source ---|---|--- 2022-04-14 00:18:12+00:00| seen| https://t.me/cibsecurity/40741...

CVE-2022-24844 SQL Injection in github.com/flipped-aurora/gin-vue-admin

Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. The problem occurs in the following code in server/service/system/sysautocodepgsql.go, which means that PostgreSQL must be used as the database for this vulnerability to occu...

CVE-2022-24844

Gin-vue-admin is affected by a SQL injection in the server/service/system/sys_auto_code_pgsql.go path when using PostgreSQL and JWT-based authentication. The issue exists in versions prior to 2.5.1 and is resolved by upgrading to 2.5.1; there are no publicly documented workarounds in the provided...

CVE-2021-24844

creationtimestamp| type| source ---|---|--- 2021-11-08 20:29:38+00:00| seen| https://t.me/cibsecurity/32003...

CVE-2021-24844 Affiliate Manager < 2.8.7 - Admin+ SQL injection

The Affiliates Manager WordPress plugin before 2.8.7 does not validate the orderby parameter before using it in an SQL statement in the admin dashboard, leading to an SQL Injection issue...