71 matches found
CVE-2026-2844
creationtimestamp| type| source ---|---|--- 2026-02-28 13:43:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfwe67bqls2n 2026-03-01 01:30:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116151328926962047 2026-03-01 01:30:30+00:00| seen|...
CVE-2019-2844
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: LDAP Client Tools. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...
CVE-2022-2844
A vulnerability classified as problematic has been found in MotoPress Timetable and Event Schedule up to 1.4.06. This affects an unknown part of the file /wp/?cpmvcid=1doaction=mvparse=datafeed=1index=1=adddetails=2 of the component Calendar Handler. The manipulation of the argument...
CVE-2020-2844
Vulnerability in the Oracle Depot Repair product of Oracle E-Business Suite component: Estimate and Actual Charges. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Depot...
CVE-2024-2844
The Easy Appointments plugin for WordPress is vulnerable to unauthorized modification of data due to insufficient user validation on the ajaxcancelappointment function in all versions up to, and including, 3.11.18. This makes it possible for unauthenticated attackers to cancel other users orders...
WordPress Easy Appointments Plugin <= 3.11.18 is vulnerable to Broken Access Control
Software Easy Appointments Type Plugin Vulnerable versions = 3.11.18 Fixed in 3.11.19 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-2844 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d5cb3e5ca959 Credits Krzysztof Zając Required...
SUSE: Security Advisory (SUSE-SU-2023:2844-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-2844 Authorization Bypass Through User-Controlled Key in cloudexplorer-dev/cloudexplorer-lite
Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0...
CVE-2023-2844 Authorization Bypass Through User-Controlled Key in cloudexplorer-dev/cloudexplorer-lite
Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0...
CVE-2023-2844
CVE-2023-2844 affects cloudexplorer-lite prior to v1.1.0. The issue is an authorization bypass via a user-controlled key caused by missing authorization checks in the GitHub repository cloudexplorer-dev/cloudexplorer-lite. A PoC in Huntr shows an IDOR-style bypass where a user can impersonate ano...
CVE-2023-2844 Authorization Bypass Through User-Controlled Key in cloudexplorer-dev/cloudexplorer-lite
Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0...
SUSE CVE-2018-2844
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBo...
CVE-2022-2844
creationtimestamp| type| source ---|---|--- 2022-08-16 22:39:17+00:00| seen| https://t.me/cibsecurity/48233...
CVE-2022-2844 MotoPress Timetable and Event Schedule Calendar cross site scripting
A vulnerability classified as problematic has been found in MotoPress Timetable and Event Schedule up to 1.4.06. This affects an unknown part of the file /wp/?cpmvcid=1&cpmvcdoaction=mvparse&f=datafeed&calid=1&monthindex=1&method=adddetails&id=2 of the component Calendar Handler. The manipulation...
CVE-2022-2844
CVE-2022-2844 affects MotoPress Timetable and Event Schedule up to 1.4.06. Affects the Calendar Handler component; manipulating Subject/Location/Description via the vulnerable endpoint (the file path in the Description) enables cross-site scripting. Exploitation is described as possible to initia...
RHEL 7 : qemu-kvm (RHSA-2020:2844)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2844 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the...
CVE-2020-2844
Vulnerability in the Oracle Depot Repair product of Oracle E-Business Suite component: Estimate and Actual Charges. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Depot...
CVE-2020-2844
CVE-2020-2844 corresponds to a vulnerability in Oracle E-Business Suite Depot Repair (component: Estimate and Actual Charges) affecting 12.1.1–12.1.3. The flaw allows unauthenticated, network-based access via HTTP to Oracle Depot Repair and can lead to unauthorized access to data and potential da...
CVE-2020-2844
Vulnerability in the Oracle Depot Repair product of Oracle E-Business Suite component: Estimate and Actual Charges. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Depot...
CVE-2019-2844
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: LDAP Client Tools. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...