Poster - CVE CyberSecurity Database News (Page 468)

Dec 5, 2024 Exploit

CVE-2024-12130 - Out of Bounds Read Vulnerability in Rockwell Automation Arena® – How Attackers Exploit It (With Code Example)

Arena® simulation software by Rockwell Automation is widely used for process modeling and analysis. In early 2024, security researchers discovered a critical vulnerability (CVE-2024-12130) that

Dec 5, 2024

CVE-2024-11155 - Exploiting a "Use After Free" Vulnerability in Rockwell Arena® for Code Execution

A new and serious security issue has emerged: CVE-2024-11155, a "use after free" vulnerability in Rockwell Automation's Arena® simulation software. This

Dec 5, 2024 XSS API SQL

CVE-2024-54128 - Directus Comment Feature HTML Injection Vulnerability Explained

Directus is a popular open-source toolkit that gives teams a user-friendly dashboard and API to manage SQL database content. One handy feature in Directus is

Dec 5, 2024

CVE-2024-53846 - OTP SSL Extended Key Usage Verification Bypass – Exploit Analysis, Sample Code, and Mitigations

Erlang's Open Telecom Platform (OTP) is the backbone of many fault-tolerant, distributed systems. OTP is more than just a language; it's

Dec 5, 2024 CSRF XSS

CVE-2024-54001 - Stored XSS Vulnerability in Kanboard Project Management Software (Detailed Write-Up)

Kanboard is a popular project management tool designed around the Kanban methodology. It lets teams visualize tasks and workflows, making project tracking easier and more