91 matches found
GO-2026-4796 ingress-nginx comment-based nginx configuration injection in k8s.io/ingress-nginx
ingress-nginx comment-based nginx configuration injection in k8s.io/ingress-nginx...
CVE-2023-4796
The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcj_wp_option' shortcode in versions up to, and including, 7.1.0 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with...
CVE-2025-20774
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4796...
PT-2025-48631
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4796...
Exploit for Authorization Bypass Through User-Controlled Key in Themewinter Eventin
CVE-2025-4796 eventin and update the speaker email to an emai...
EUVD-2008-7264
Malware in sbrugna...
CVE-2025-4796
| creationtimestamp | type | source |
|---|---|---|
| 2025-08-10 09:01:36+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lvzwax54dm2d |
| 2025-10-25 21:00:05+00:00 | published-proof-of-concept | Telegram/CIibF5krEqXHuHs5TqPPIuQ0aPwRPsmd2xxsRxQT1IxhBk |
| 2025-11-01 04:31:23+00:00 | ... | |
WordPress Eventin plugin <= 4.0.34 - Authenticated (Contributor+) Privilege Escalation via User Email Change/Account Takeover vulnerability
Authenticated (Contributor+) Privilege Escalation via User Email Change/Account Takeover vulnerability discovered by István Márton in WordPress Plugin Eventin versions <= 4.0.34...
CVE-2025-4796 Eventin <= 4.0.34 - Authenticated (Contributor+) Privilege Escalation via User Email Change/Account Takeover
The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.34. This is due to the plugin not properly validating a user's identity or capability prior to updating their details like email in the...
CVE-2013-4796
ReviewBoard 1.6.17 allows code execution by attaching PHP scripts to review request...
CVE-2022-4796
Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1...
CVE-2024-4796
CVE-2024-4796 affects Campcodes Online Laundry Management System 1.0. A vulnerability in the /manage_inv.php file’s id parameter enables SQL injection. The issue is exploitable remotely and an exploit has been publicly disclosed (VDB-263895). Multiple sources (NVD/NVD-derived records, CVE lists) ...
Rocky Linux 8 : nodejs:16 (RLSA-2022:4796)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4796 advisory. - DISPUTED The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from...
CVE-2023-4796 Booster for WooCommerce <= 7.1.0 - Authenticated (Subscriber+) Information Disclosure via Shortcode
The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcj_wp_option' shortcode in versions up to, and including, 7.1.0 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with...
CVE-2023-4796
CVE-2023-4796 affects the Booster for WooCommerce plugin for WordPress (versions up to 7.1.0). It is an information-disclosure vulnerability via the wcj_wp_option shortcode, allowing authenticated users with subscriber-level capabilities or higher to retrieve arbitrary sensitive site options. The...
WordPress Booster for WooCommerce Plugin <= 7.1.0 is vulnerable to Sensitive Data Exposure
Software: Booster for WooCommerce; Type: Plugin; Vulnerable versions: <= 7.1.0; Fixed in: 7.1.1; OWASP Top 10: A5: Security Misconfiguration; Classification: Sensitive Data Exposure; CVE: CVE-2023-4796; Patch priority: Low; CVSS severity: Low 4.3; PSID: d3120f1c06fe; Credits: Lana Codes...
Ubuntu: Security Advisory (USN-4796-1)
The remote host is missing an update for the...
CVE-2022-4796
| creationtimestamp | type | source |
|---|---|---|
| 2022-12-28 16:12:38+00:00 | seen | https://t.me/cibsecurity/55494... |
CVE-2022-4796 Incorrect Use of Privileged APIs in usememos/memos
Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4796
CVE-2022-4796 affects the open source project usememos/memos prior to version 0.9.1. The issue is described as an incorrect use of privileged APIs that allows a user with login permission to delete all notes in the application via the API endpoint https://demo.usememos.com/api/memo/$idnote. This ...