Poster - CVE CyberSecurity Database News (Page 445)

Dec 10, 2024 RCE Exploit PHP

CVE-2024-11633 - Argument Injection Vulnerability in Ivanti Connect Secure (Pre-22.7R2.4) Allows Remote Code Execution for Remote Admins

In early 2024, security researchers discovered and reported a new critical vulnerability affecting Ivanti Connect Secure products (formerly Pulse Connect Secure), tracked as CVE-2024-11633. This

Dec 10, 2024 API Exploit

CVE-2024-53246 - Unpacking the Splunk SPL Information Disclosure Vulnerability

Splunk is the backbone SIEM (Security Information and Event Management) solution for many organizations, often ingesting logs from all corners of enterprise infrastructure. Vulnerabilities in

Dec 10, 2024 RCE API

CVE-2024-53247 - Low-Privilege Remote Code Execution in Splunk Enterprise and Secure Gateway App

Splunk is a popular tool used by companies to monitor, search, and analyze machine-generated data. However, in June 2024, a critical vulnerability was disclosed: CVE-2024-53247.

Dec 10, 2024

CVE-2024-12286 - Exploiting Default SSH Credentials on MOBATIME DTS 4801 Network Master Clock

Recently, a new vulnerability was identified in the popular MOBATIME Network Master Clock, specifically in the DTS 4801 model. Tracked as CVE-2024-12286, this issue allows

Dec 10, 2024 Exploit

CVE-2024-53866 - How pnpm's Global Cache Vulnerability Can Lead to Arbitrary Code Execution Across Workspaces

The Node.js ecosystem heavily relies on package managers like pnpm for fast, reliable, and space-saving installs. But in June 2024, a nasty vulnerability surfaced,