133 matches found
MINI-4484-4376-5C3R
Bulletin has no description...
CVE-2026-4484
creationtimestamp| type| source ---|---|--- 2026-03-26 03:00:15+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhwmeoazhu27 2026-03-26 03:04:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhwmmwoppr2i 2026-03-26 05:01:21+00:00| seen|...
CVE-2026-4484 Masteriyo LMS <= 2.1.6 - Missing Authorization to Authenticated (Student+) Privilege Escalation to Administrator
The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the 'InstructorsController::prepareobjectfordatabase' function. This makes it possible for...
CVE-2026-4484
The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the 'InstructorsController::prepareobjectfordatabase' function. This makes it possible for...
EUVD-2026-4484
Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ollama MCP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-4484
A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. This affects an unknown part of the file /ajax.php?action=deleteuser. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2025-4484
creationtimestamp| type| source ---|---|--- 2025-05-09 19:26:07+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15813 2025-05-09 22:01:56+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lor7jacnahs2 2025-05-09...
CVE-2025-4484
A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. This affects an unknown part of the file /ajax.php?action=deleteuser. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2025-4484 itsourcecode Gym Management System ajax.php sql injection
A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. This affects an unknown part of the file /ajax.php?action=deleteuser. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2025-4484 itsourcecode Gym Management System ajax.php sql injection
A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. This affects an unknown part of the file /ajax.php?action=deleteuser. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
Linux Distros Unpatched Vulnerability : CVE-2016-4484
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts wi...
CGA-H23R-4484-7J3G
Bulletin has no description...
CVE-2024-4484
creationtimestamp| type| source ---|---|--- 2024-06-12 23:13:42+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7630...
CVE-2023-45925
GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function xerrorhandler at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem an X operation silently fails...
SUSE: Security Advisory (SUSE-SU-2023:4484-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-4484
Rejected reason: This candidate is unused by its CNA...
Debian: Security Advisory (DSA-1997-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2015-4484
The js::jit::AssemblerX86Shared::lockaddl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service application crash by leveraging the use of shared memory and accessing 1 an Atomics object or 2 ...
CVE-2022-4484
creationtimestamp| type| source ---|---|--- 2023-01-16 18:24:12+00:00| seen| https://t.me/cibsecurity/56542...
CVE-2022-4484
The CVE-2022-4484 entry describes a Stored XSS vulnerability in the WordPress plugin Social Share, Social Login and Social Comments, up to version 7.13.44. Root cause: the plugin does not validate and escape certain shortcode attributes before output, allowing low-privilege users (as low as Contr...