CVE-2024-9393 - Exploiting PDF.js in Firefox and Thunderbird for Cross-Origin Attacks
In June 2024, Mozilla disclosed CVE-2024-9393, a critical vulnerability in the popular open-source PDF viewer—PDF.js—shipped with Firefox and Thunderbird. This flaw lets
CVE-2024-46258 - Inside the Heap Buffer Overflow in cute_png v1.05 (cp_load_png_mem)
Recently, a vulnerability dubbed CVE-2024-46258 was discovered in the widely used header-only PNG decoding library cute_png, version 1.05. This critical flaw is a
CVE-2024-45772 - Deserialization of Untrusted Data Vulnerability in Apache Lucene Replicator
CVE-2024-45772 is a critical security bug found in the Apache Lucene replicator module, specifically affecting implementations relying on the deprecated org.apache.lucene.replicator.http
CVE-2024-46453 - Exploiting XSS in **iq3xcite** `/test/` Endpoint (Versions 2.31–3.05)
A new security issue, CVE-2024-46453, has been found in the web application framework iq3xcite versions 2.31 to 3.05. This vulnerability allows attackers to
CVE-2024-38809 - ETag Header Parsing Leads to DoS – What You Need to Know
CVE-2024-38809 is a freshly discovered vulnerability that targets applications parsing ETags from the If-Match or If-None-Match HTTP headers. This issue can allow malicious users to
Episode
00:00:00
00:00:00