Poster - CVE CyberSecurity Database News (Page 774)

May 21, 2024 API SQL

CVE-2024-36039 - PyMySQL ≤1.1. SQL Injection via Untrusted JSON Keys

PyMySQL, a popular pure-Python MySQL client, is widely used in web apps and scripts. In mid-2024, a fresh vulnerability—CVE-2024-36039—drew attention for enabling SQL

May 21, 2024

CVE-2024-31840 - Cleartext Password Exposure in Italtel Embrace 1.6.4 Web Application – Details & Exploit Example

--- What is CVE-2024-31840? A severe vulnerability (CVE-2024-31840) has been found in Italtel Embrace 1.6.4. The web application's configuration interface exposes

May 21, 2024 API qnap systems inc. quts hero

CVE-2024-27130 - Understanding the QNAP OS Buffer Copy Vulnerability and How It’s Exploited

In early June 2024, a new security vulnerability labeled CVE-2024-27130 was disclosed for QNAP’s widely used network storage systems. This flaw, found in multiple

May 21, 2024 Exploit linux

CVE-2023-52827 - Out-of-Bounds Read in Linux ath12k Wi-Fi Driver Explained

Recently, a security vulnerability labeled CVE-2023-52827 was found and fixed in the Linux kernel’s ath12k Wi-Fi driver. This flaw could allow an attacker to

May 21, 2024 linux

CVE-2023-52821 - Understanding the Linux Kernel drm/panel Null Pointer Dereference Vulnerability

In late 2023, a vulnerability tracked as CVE-2023-52821 was resolved in the Linux kernel. This security issue was found in the Direct Rendering Manager (DRM)