Poster - CVE CyberSecurity Database News (Page 220)

Feb 13, 2025 RCE PHP

CVE-2024-56908 - How a File Upload Vulnerability in Perfex CRM < 3.2.1 Can Let Attackers Take Over Your Server

In June 2024, a severe security flaw—CVE-2024-56908—was discovered in the popular open-source Perfex CRM software. This vulnerability is a classic case of improper

Feb 13, 2025 Chrome

CVE-2025-22960 - Session Hijacking in GatesAir Maxiva UAXT, VAXT Transmitters via Exposed Log Files

CVE ID: CVE-2025-22960 Affected Products: GatesAir Maxiva UAXT, VAXT series transmitters Severity: High Authoritative Source: gatesair.com TL;DR A serious security vulnerability (CVE-2025-22960) has

Feb 13, 2025

CVE-2023-34406 - Integer Overflow in Mercedes Benz NTG 6 User Data Function – How Hackers Could Crash Your Car’s Infotainment

When it comes to modern cars, the infotainment system (the screen and controls for audio, navigation, and other features) is almost as important as the

Feb 13, 2025

CVE-2023-34402 - Exploiting Arbitrary File Write in Mercedes-Benz NTG6 Head-Unit via Profile Import Function

Summary: A critical vulnerability, CVE-2023-34402, affects the Mercedes-Benz NTG6 head-unit infotainment system. By abusing the profile settings import/export functionality over USB, attackers can achieve

Feb 13, 2025 API

CVE-2024-57378 - Broken Access Control in Wazuh SIEM 4.8.2 Exposes Undocumented User Creation Flaw

Author: AI Security Editorial Date: July 2024 Wazuh SIEM is an open-source security information and event management platform trusted by thousands of organizations. But a