Poster - CVE CyberSecurity Database News (Page 643)

Aug 15, 2024 Exploit Google

CVE-2024-34743 - Exploiting a Tapjacking Vulnerability in Android’s SurfaceFlinger (Easy Privilege Escalation)

A critical vulnerability (CVE-2024-34743) has been found in Android’s core SurfaceFlinger service, specifically in the setTransactionState function of SurfaceFlinger.cpp. This bug introduces a

Aug 15, 2024

CVE-2024-42472 - Dangerous Flatpak Escape – How a Sandbox Hole Could Expose Your Files

Flatpak is a popular application distribution and sandboxing system used by many Linux distributions to isolate apps, but early 2024 revealed a significant hole. CVE-2024-42472

Aug 15, 2024 Windows Exploit

CVE-2024-7262 - Weaponized Path Validation Bug in Kingsoft WPS Office Lets Attackers Load Windows Libraries with Malicious Spreadsheets

Kingsoft WPS Office is one of the most popular office suites in the world, especially in China. Recently, a significant security vulnerability (CVE-2024-7262) has been

Aug 15, 2024 Windows Microsoft

CVE-2024-7263 - New Arbitrary DLL Loading Bug in Kingsoft WPS Office – Technical Deep Dive & Exploit Walkthrough

A new vulnerability, CVE-2024-7263, affects Kingsoft WPS Office Windows versions 12.2..13110 up to *but not including* 12.2..17115. Attackers can exploit improper

Aug 14, 2024 RCE API

CVE-2024-5914 - Command Injection in Palo Alto Networks Cortex XSOAR CommonScripts Pack – How Attackers Can Run Arbitrary Commands

In June 2024, security researchers uncovered a critical command injection vulnerability in Palo Alto Networks Cortex XSOAR CommonScripts Pack. The flaw, tracked as CVE-2024-5914, could