Poster - CVE CyberSecurity Database News (Page 698)

CVE-2024-35777 - How a WooCommerce Output Injection Bug Opens Doors to Fake Content

Jul 9, 2024 WordPress Exploit PHP

CVE-2024-35777 - How a WooCommerce Output Injection Bug Opens Doors to Fake Content

In June 2024, security researchers discovered a new vulnerability in WooCommerce, the incredibly popular WordPress plugin for e-commerce. Tracked as CVE-2024-35777, this flaw highlights how

Jul 8, 2024 RCE Exploit

CVE-2024-6409 - Race Condition in OpenSSH’s sshd May Lead to Remote Code Execution

OpenSSH is the most popular open-source implementation of the SSH protocol, used all over the world to secure remote logins. Recently, a critical vulnerability was

Jul 7, 2024 Exploit

CVE-2024-3651 - Denial of Service Vulnerability in `idna.encode()` (kjd/idna 3.6)

A new vulnerability, CVE-2024-3651, has been discovered in the popular Python idna library (version 3.6), maintained by kjd. This issue affects the idna.encode(

CVE-2024-39689 - The GLOBALTRUST Root Certificate Removal from Certifi Explained

Jul 5, 2024 MITM

CVE-2024-39689 - The GLOBALTRUST Root Certificate Removal from Certifi Explained

--- Overview On July 4, 2024, an important update changed the landscape for anyone using Python’s Certifi library to validate SSL/TLS connections. The

Jul 5, 2024

CVE-2024-39484 - How a Linux Kernel Driver Cleanup Flaw Led to Resource Leaks (And What Was Done About It)

A recently resolved Linux kernel vulnerability, CVE-2024-39484, quietly exposes the crucial role of cleanup functions in the reliability of device drivers. Even minor looking implementation