Poster - CVE CyberSecurity Database News (Page 686)

Jul 10, 2024 API

CVE-2024-22018 - Node.js Permission Model Bypass via fs.lstat — Explained, Exploited, and What To Do

A new vulnerability, CVE-2024-22018, has been discovered in Node.js that may allow attackers to learn sensitive information about files, even when explicit read access

Jul 10, 2024 Windows Microsoft

CVE-2024-21417 - Windows Text Services Framework Elevation of Privilege Vulnerability Explained

Published: June 2024 Author: AI Security Insights Introduction On February 13, 2024, Microsoft published a security advisory for a newly discovered vulnerability: CVE-2024-21417. This bug

Jul 9, 2024

CVE-2024-31331 - Unmasking the Hidden Service Vulnerability in Android’s PackageManagerService

CVE-2024-31331 is a recently disclosed security flaw impacting Android devices, rooted in the setMimeGroup method of the PackageManagerService.java source file. This vulnerability introduces a

Jul 9, 2024 Bluetooth Exploit Java Google

CVE-2024-31320 - How a Silent Companion Device Association Bug Can Escalate Privileges on Android

In early 2024, a new Android security vulnerability was discovered and tracked as CVE-2024-31320. It resides in the setSkipPrompt method of AssociationRequest.java. This flaw

Jul 9, 2024 Google

CVE-2024-31316 - Escalating Privileges on Android via AccountManagerService Parcel Mismatch

A serious security flaw (CVE-2024-31316) was found in Android's AccountManagerService, specifically in the onResult() method. This bug allows a local app with no