GO-2026-4844 Zoraxy: Authenticated Path Traversal in Config Import leads to RCE in github.com/tobychui/zoraxy

Zoraxy: Authenticated Path Traversal in Config Import leads to RCE in github.com/tobychui/zoraxy...

CVE-2026-4844

creationtimestamp| type| source ---|---|--- 2026-03-26 04:16:41+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4844 2026-03-26 09:44:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhxcyalhsc22...

CVE-2023-4844

A vulnerability was found in SourceCodester Simple Membership System 1.0. It has been classified as critical. This affects an unknown part of the file clubeditquery.php. The manipulation of the argument clubid leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

CVE-2005-4844

The CLSIDApprenticeICW control allows remote attackers to cause a denial of service Internet Explorer crash by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer...

CVE-2025-4844

creationtimestamp| type| source ---|---|--- 2025-05-18 00:39:30+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpfszcfvwfm2 2025-05-18 01:13:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpfuvqwuie2h...

CVE-2025-4844

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component CD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the publi...

Linux Distros Unpatched Vulnerability : CVE-2015-4844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and...

CVE-2024-4844

Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator ePO on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was...

Ubuntu 16.04 ESM / 18.04 ESM : Cinnamon vulnerability (USN-4844-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4844-1 advisory. Matthias Gerstner discovered that the cinnamon-settings-users utility in Cinnamon did not safely handle symlinks. An unprivileged attacker could...

CVE-2023-4844

A vulnerability was found in SourceCodester Simple Membership System 1.0. It has been classified as critical. This affects an unknown part of the file clubeditquery.php. The manipulation of the argument clubid leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

CVE-2023-4844 SourceCodester Simple Membership System club_edit_query.php sql injection

A vulnerability was found in SourceCodester Simple Membership System 1.0. It has been classified as critical. This affects an unknown part of the file clubeditquery.php. The manipulation of the argument clubid leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

CVE-2023-4844

CVE-2023-4844 affects SourceCodester Simple Membership System 1.0 via an SQL injection in the file club_edit_query.php caused by unsanitized club_id input. The issue can be exploited remotely and exploits have been publicly disclosed. Root cause: inadequate input validation for club_id. Impact: d...

CVE-2023-4844 SourceCodester Simple Membership System club_edit_query.php sql injection

A vulnerability was found in SourceCodester Simple Membership System 1.0. It has been classified as critical. This affects an unknown part of the file clubeditquery.php. The manipulation of the argument clubid leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

SUSE CVE-2015-4844

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

CVE-2022-4844

Cross-Site Request Forgery CSRF in GitHub repository usememos/memos prior to 0.9.1...

CVE-2022-4844

CVE-2022-4844 affects usememos/memos prior to 0.9.1. A CSRF vulnerability exists in the web app that could allow an attacker to induce authenticated actions (e.g., creating a HOST user) without user consent. Exploitation details are provided in Huntr’s PoC and related advisories, with remediation...

CVE-2022-4844 Cross-Site Request Forgery (CSRF) in usememos/memos

Cross-Site Request Forgery CSRF in GitHub repository usememos/memos prior to 0.9.1...

CVE-2022-4844 Cross-Site Request Forgery (CSRF) in usememos/memos

Cross-Site Request Forgery CSRF in GitHub repository usememos/memos prior to 0.9.1...

Mageia: Security Advisory (MGASA-2016-0186)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:2192-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...