Poster - CVE CyberSecurity Database News (Page 489)

Nov 27, 2024 Exploit

CVE-2024-42333 - Out-of-Bounds Read in Zabbix Server Email Media – How Attackers Can Leak Server Memory

Zabbix is one of the most popular open-source IT monitoring solutions today, widely trusted for real-time visibility into thousands of production systems. But in June

Nov 27, 2024 API Exploit

CVE-2024-42330 - Exploiting HttpRequest Object’s Header Handling for Prototype Pollution in JavaScript

In June 2024, CVE-2024-42330 shed light on a subtle but powerful security flaw involving the HttpRequest object in common JavaScript libraries and environments. The vulnerability

Nov 27, 2024 RCE API Exploit

CVE-2024-42331 - Understanding the Use-After-Free Bug in Zabbix’s Duktape Integration

On June 2024, a critical security vulnerability was disclosed in Zabbix, an enterprise-grade open source monitoring tool. This bug, CVE-2024-42331, centers on a use-after-free error

Nov 27, 2024 Exploit

CVE-2024-42326 - How a Use-After-Free Bug in browser.c’s `es_browser_get_variant` Enabled Critical Exploitation

On June 10, 2024, a critical vulnerability—CVE-2024-42326—was disclosed affecting a number of applications using the es_browser_get_variant function in the open-source

Nov 27, 2024

CVE-2024-42328 - Exploiting NULL Pointer Dereference in WebDriver Browser Data Download

CVE-2024-42328 is a newly discovered vulnerability affecting web automation software that uses a WebDriver-controlled Browser object for HTTP downloads. This issue can cause a NULL