Poster - CVE CyberSecurity Database News (Page 213)

Feb 16, 2025 API Java

CVE-2024-57971 - How a Small Validation Fault in DataSourceResource.java Breaks Database Security in Knowage Server

CVE-2024-57971 is a scary-sounding number if you run a Knowage Business Intelligence (BI) server. This serious vulnerability in versions _before 8.1.30_ means an

CVE-2024-57970 - Heap Buffer Over-read in libarchive’s TAR Reader Can Leak Data

Feb 16, 2025 Exploit

CVE-2024-57970 - Heap Buffer Over-read in libarchive’s TAR Reader Can Leak Data

CVE-2024-57970 is a newly discovered vulnerability in libarchive (through version 3.7.7) that can make applications reading certain TAR files leak sensitive memory (heap)

Feb 15, 2025

CVE-2025-26793 - Default Credentials in Hirsch Enterphone MESH Web GUI Exposes Resident PII

Author’s Note: This post’s research is original and clear for any reader. If you are responsible for apartment building security, update your Enterphone

Feb 15, 2025 XSS WordPress

CVE-2025-1005 - How ElementsKit Elementor Addons Plugin for WordPress Can Be Exploited with Stored XSS in the Image Accordion Widget

A new security vulnerability, tracked as CVE-2025-1005, has been discovered in the popular WordPress plugin ElementsKit Elementor Addons. This vulnerability affects all plugin versions up

Feb 15, 2025 WordPress Exploit PHP

CVE-2024-12562 - Unpacking the s2Member Pro WordPress PHP Object Injection Vulnerability

In early 2024, a significant vulnerability was disclosed for s2Member Pro—a popular plugin for managing memberships on WordPress sites. Identified as CVE-2024-12562, this flaw