CVE-2024-11921 - Exploiting Reflected XSS in GiveWP WordPress Plugin < 3.19.
> Summary:
GiveWP, a popular WordPress donation plugin, had a dangerous security flaw (CVE-2024-11921) in versions before 3.19.. This bug allowed reflected Cross-Site Scripting
CVE-2024-56527 - How a Simple Missing Function in TCPDF Led to XSS Vulnerability
Summary:
A vulnerability was discovered in TCPDF before version 6.8.. The problem? The Error() function doesn't use htmlspecialchars() on error messages, opening
CVE-2024-56521 - Dangerous SSL Verification Defaults in TCPDF (<6.8.) - How Your PDFs May Be at Risk
If you generate PDFs in PHP, you may have run into a popular library called TCPDF. It’s used all over the world to create
CVE-2024-56431 - Exploiting the Invalid Negative Left Shift Vulnerability in libtheora’s `oc_huff_tree_unpack`
On June 20, 2024, a critical vulnerability was disclosed in libtheora, the reference implementation for Theora video compression. Tracked as CVE-2024-56431, this flaw arises from
CVE-2024-52535 - Privilege Escalation Attack via Symlink Vulnerability in Dell SupportAssist
Dell SupportAssist is a widely used tool for system diagnostics, driver updates, and support on Dell PCs. However, a recent vulnerability, CVE-2024-52535, exposes a serious
Episode
00:00:00
00:00:00