CVE CyberSecurity Database News (Page 457)

Dec 12, 2024 Exploit Java

CVE-2024-4109 - How a Flaw in Undertow HTTP/2 Handler Can Leak Your Inflight Secrets

On May 2024, a new security issue—CVE-2024-4109—was disclosed, affecting Red Hat’s highly used web server component, Undertow. If you use WildFly, JBoss,

Dec 12, 2024 WordPress Exploit SQL PHP

CVE-2024-12333 - Remote Code Execution in Woodmart WordPress Theme (Up to v8..3) Explained With Exploit Code

Woodmart is a popular premium theme for WordPress, powering thousands of ecommerce and business sites. In early 2024, a critical security vulnerability was found and

Dec 12, 2024 Java

CVE-2024-12397 - How a Cookie Parsing Bug in Quarkus-HTTP Can Leak Secret Cookies

A high-impact security flaw, CVE-2024-12397, was found in Quarkus-HTTP, a popular foundational HTTP library used by Quarkus, the “supersonic, subatomic Java” framework. This vulnerability allows

Dec 12, 2024

CVE-2024-54529 - A Deep Dive Into the macOS Kernel Logic Bug Allowing Arbitrary Code Execution

In June 2024, Apple disclosed a high-severity kernel vulnerability tracked as CVE-2024-54529 affecting macOS. This bug, stemming from a logic flaw in kernel checks, allowed

Dec 12, 2024 API Mac Safari iOS

CVE-2024-54534 - Memory Corruption via Malicious Web Content in Apple OSes – Exploit Details and Patch Information

In June 2024, CVE-2024-54534 was disclosed by Apple, alerting users and developers about a memory corruption vulnerability found in the WebKit engine. This vulnerability could