Poster - CVE CyberSecurity Database News (Page 605)

Sep 16, 2024 XSS

CVE-2024-45801 - DOMPurify XSS Bypass via Improper Nesting and Prototype Pollution

DOMPurify is a popular JavaScript library designed to sanitize HTML, MathML, and SVG. It protects web applications from the dangerous threat of Cross-Site Scripting (XSS)

CVE-2024-46451 - Exploiting Buffer Overflow in TOTOLINK AC120 T8 (v4.1.5cu.861_B20230220) setWiFiAclRules

Sep 16, 2024 API WiFi

CVE-2024-46451 - Exploiting Buffer Overflow in TOTOLINK AC120 T8 (v4.1.5cu.861_B20230220) setWiFiAclRules

CVE-2024-46451 is a newly disclosed buffer overflow vulnerability in the TOTOLINK AC120 T8 router, firmware version v4.1.5cu.861_B20230220. Specifically, the flaw exists

Sep 13, 2024 Exploit

CVE-2024-44092 - How a Debug Leftover in TBD of TBD Opens Doors for Local Privilege Escalation

A recent security vulnerability, CVE-2024-44092, has put the spotlight on the dangers of leaving test and debugging code in production builds. This vulnerability affects the

Sep 13, 2024

CVE-2024-29779 - Unusual Root Cause Allows Local Privilege Escalation (Detailed Analysis & Exploit)

A new security issue, CVE-2024-29779, has drawn the attention of sysadmins, pentesters, and Linux enthusiasts alike. What makes this vulnerability stand out isn’t just

CVE-2024-6587 - How an SSRF in berriai/litellm 1.38.10 Can Leak Your OpenAI API Key

Sep 13, 2024 API

CVE-2024-6587 - How an SSRF in berriai/litellm 1.38.10 Can Leak Your OpenAI API Key

In June 2024, a vulnerability—CVE-2024-6587—was identified in berriai/litellm, a popular library for interacting with OpenAI’s and other LLM providers’ APIs. This