Poster - CVE CyberSecurity Database News (Page 719)

Jun 18, 2024 XSS WordPress PHP

CVE-2024-3276 - Exploiting Stored XSS in Lightbox & Modal Popup WordPress Plugin – A Deep Dive

The WordPress ecosystem is vast, with plugins extending functions for millions of sites. But with flexibility comes risk. One such recent vulnerability is CVE-2024-3276, found

Jun 18, 2024

CVE-2024-37081 - Exploiting vCenter Server Sudo Misconfigurations for Local Privilege Escalation

In June 2024, VMware disclosed CVE-2024-37081, a set of local privilege escalation (LPE) vulnerabilities impacting vCenter Server Appliance (VCSA). The root cause: misconfigured sudo permissions

Jun 18, 2024 Exploit VMware Cloud Foundation

CVE-2024-37080 - How Attackers Can Take Over vCenter Server with a Single Packet (Explained)

In June 2024, VMware quietly patched a serious vulnerability tracked as CVE-2024-37080 in its vCenter Server product. This bug is a heap-overflow in the DCERPC

Jun 18, 2024 RCE Exploit VMware Cloud Foundation

CVE-2024-37079 - Breaking Down the vCenter DCERPC Heap Overflow (with Exploit Details)

In June 2024, VMware published a critical advisory about a severe vulnerability—CVE-2024-37079—in their vCenter Server platform. This bug lies in the way vCenter

Jun 17, 2024 Windows Exploit Java

CVE-2024-37902 - Critical Path Traversal Flaw in DeepJavaLibrary (DJL) Lets Attackers Overwrite Files on Your System

A serious vulnerability, CVE-2024-37902, was discovered in the DeepJavaLibrary (DJL), a widely-used deep learning framework for Java. DJL supports multiple deep learning engines and is