
68 matches found

Circl
added 2026/05/13 12:32 p.m., 4 views

CVE-2026-4798

creationtimestamp | type | source
---|---|---
2026-05-13 12:32:06+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlqcpedfqw2p
2026-05-13 16:19:46+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mlqpcm7xqe2z
2026-05-14 00:44:08+00:00 | seen |...

CVSS 7.5, AI score 5.8, EPSS 0.00084
Exploits: 0, References: 4
Positive Technologies
added 2026/05/13 12:0 a.m., 5 views

PT-2026-40584

Name of the Vulnerable Software and Affected Versions: Avada Builder versions prior to 3.15.2. Description: The Avada Builder plugin for WordPress contains a time-based SQL Injection, a technique where an attacker sends queries that cause the database to pause for a specific duration to determine if...

CVSS 7.5, AI score 5.8, EPSS 0.00084
Exploits: 0, References: 12
OSV
added 2026/04/08 3:8 p.m., 0 views

MINI-GG5H-4798-8643

Bulletin has no description...

CVSS 7.5, AI score 6.5, EPSS 0.00014
Exploits: 1
OSV
added 2025/12/01 4:46 p.m., 1 views

MINI-P75M-4798-4FGX

Bulletin has no description...

CVSS 8.8, AI score 6.9, EPSS 0.00067
Exploits: 0
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-4798

Malicious code in bioql PyPI...

CVSS 9.8, AI score 8.6, EPSS 0.00153
Exploits: 0, References: 6
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-18083

Malicious code in bioql PyPI...

CVSS 7.2, AI score 5.1, EPSS 0.07277
Exploits: 0, References: 6
RedhatCVE
added 2025/06/13 4:31 a.m., 4 views

CVE-2025-4798

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with...

CVSS 4.9, AI score 5.7, EPSS 0.00369
Exploits: 0, References: 1
NVD
added 2025/06/11 4:15 a.m., 8 views

CVE-2025-4798

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with...

CVSS 4.9, EPSS 0.00369
Exploits: 0, References: 4
Cvelist
added 2025/06/11 3:41 a.m., 11 views

CVE-2025-4798 WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Read

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with...

CVSS 4.9, EPSS 0.00369
Exploits: 0, References: 4
Vulnrichment
added 2025/06/11 3:41 a.m., 4 views

CVE-2025-4798 WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Read

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with...

CVSS 4.9, AI score 6.9, EPSS 0.00369
Exploits: 0, References: 4
RedhatCVE
added 2025/02/05 8:17 p.m., 6 views

CVE-2022-4798

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1...

CVSS 8.6, AI score 6.7, EPSS 0.00191
Exploits: 1
Tenable Nessus
added 2024/10/09 12:0 a.m., 15 views

CentOS 7 : kpatch-patch (RHSA-2021:4798)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4798 advisory. - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctxlist in so...

CVSS 7.8, AI score 6.6, EPSS 0.00055
Exploits: 0, References: 2
OSV
added 2024/06/06 12:23 p.m., 18 views

CGA-743Q-CCVG-4798

Bulletin has no description...

CVSS 6.3, AI score 6.4, EPSS 0.00405
Exploits: 0
CVE
added 2024/05/12 1:31 p.m., 35 views

CVE-2024-4798

CVE-2024-4798 affects SourceCodester Online Computer and Laptop Store 1.0. The vulnerability lies in the file /admin/maintenance/manage_brand.php where the parameter id is used unsafely in an SQL query, enabling a remote SQL injection. The issue is exploitable over the network and the exploit has...

CVSS 9.8, AI score 7.3, EPSS 0.00245
Exploits: 1, References: 4, Affected Software: 1
Cvelist
added 2024/05/12 1:31 p.m., 11 views

CVE-2024-4798 SourceCodester Online Computer and Laptop Store manage_brand.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /admin/maintenance/manage_brand.php. The manipulation of the argument id leads to SQL injection. The attack may...

CVSS 6.5, AI score 7, EPSS 0.00245
Exploits: 1, References: 4
Vulnrichment
added 2024/05/12 1:31 p.m., 14 views

CVE-2024-4798 SourceCodester Online Computer and Laptop Store manage_brand.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /admin/maintenance/manage_brand.php. The manipulation of the argument id leads to SQL injection. The attack may...

CVSS 6.5, AI score 7.3, EPSS 0.00245
Exploits: 1, References: 4
Tenable Nessus
added 2023/11/06 12:0 a.m., 21 views

Rocky Linux 8 : maven:3.5 (RLSA-2022:4798)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4798 advisory. - In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injecti...

CVSS 9.8, AI score 8.1, EPSS 0.00255
Exploits: 0, References: 3
Tenable Nessus
added 2023/10/23 12:0 a.m., 20 views

Ubuntu 16.04 ESM : libgit2 vulnerabilities (USN-4798-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4798-1 advisory. It was discovered that libgit2 mishandled certain malformed git objects. A remote attacker could use this vulnerability to cause a denial of service...

CVSS 5.5, AI score 6.4, EPSS 0.00492
Exploits: 0, References: 3
Circl
added 2023/10/17 12:32 a.m., 0 views

CVE-2023-4798

creationtimestamp | type | source
---|---|---
2023-10-17 00:32:16+00:00 | seen | https://t.me/cibsecurity/72349...

CVSS 5.4, AI score 6.6, EPSS 0.00109
Exploits: 2, References: 1
CVE
added 2023/10/16 7:39 p.m., 41 views

CVE-2023-4798

CVE-2023-4798 affects the WordPress plugin User Avatar – Reloaded (pre-1.2.2). It enables Stored XSS via certain shortcode attributes, reachable by low-privilege users (contributor+). The fixed version is 1.2.2, which adds sanitization/escaping to address the flaw (as confirmed by Patchstack and ...

CVSS 5.4, AI score 5.6, EPSS 0.00109
Exploits: 2, References: 1, Affected Software: 1