Poster - CVE CyberSecurity Database News (Page 443)

Dec 12, 2024 RCE Google Chrome

CVE-2024-12381 - Type Confusion in V8 Engines—How a Chrome Bug Opened the Door for Heap Attacks

In early June 2024, security researchers discovered a major vulnerability in the V8 JavaScript engine—used by Google Chrome and many Chromium-based browsers. Tracked as

Dec 11, 2024 Exploit

CVE-2024-53845 - ESPTouchV2 Protocol AES Initialization Vector Weakness Exposes IoT Devices

Internet of Things (IoT) devices are now part of our everyday lives, from smart lights to home security. To get these devices online, manufacturers often

Dec 11, 2024 RCE Java Apache

CVE-2024-53677 - How a Dangerous File Upload Bug in Apache Struts Can Lead to Remote Code Execution

TL;DR: Apache Struts had a severe vulnerability (CVE-2024-53677) in its file upload logic, present from version 2.. up to (but not including) 6.4.

Dec 11, 2024

CVE-2024-11053 - How Curl’s Netrc Credentials Can Leak on HTTP Redirects

On January 24, 2024, Daniel Stenberg and the curl team disclosed CVE-2024-11053 — a potentially serious issue affecting users of the popular command-line tool curl. In

Dec 10, 2024 Exploit

CVE-2024-53005 - Out-of-Bounds Read in Substance3D Modeler Exposes Sensitive Memory

A serious vulnerability, CVE-2024-53005, has been discovered in Adobe Substance3D Modeler, versions 1.14.1 and earlier. The flaw allows attackers to read sensitive memory