CVE CyberSecurity Database News (Page 471)

Dec 10, 2024 API Exploit

CVE-2024-53246 - Unpacking the Splunk SPL Information Disclosure Vulnerability

Splunk is the backbone SIEM (Security Information and Event Management) solution for many organizations, often ingesting logs from all corners of enterprise infrastructure. Vulnerabilities in

Dec 10, 2024 RCE API

CVE-2024-53247 - Low-Privilege Remote Code Execution in Splunk Enterprise and Secure Gateway App

Splunk is a popular tool used by companies to monitor, search, and analyze machine-generated data. However, in June 2024, a critical vulnerability was disclosed: CVE-2024-53247.

Dec 10, 2024

CVE-2024-12286 - Exploiting Default SSH Credentials on MOBATIME DTS 4801 Network Master Clock

Recently, a new vulnerability was identified in the popular MOBATIME Network Master Clock, specifically in the DTS 4801 model. Tracked as CVE-2024-12286, this issue allows

Dec 10, 2024 Exploit

CVE-2024-53866 - How pnpm's Global Cache Vulnerability Can Lead to Arbitrary Code Execution Across Workspaces

The Node.js ecosystem heavily relies on package managers like pnpm for fast, reliable, and space-saving installs. But in June 2024, a nasty vulnerability surfaced,

Dec 10, 2024 Windows Exploit

CVE-2024-49849 - Siemens TIA Portal Products Log File Parsing RCE Explained

A new critical vulnerability, CVE-2024-49849, has been discovered affecting a large range of Siemens’ industrial automation products, including their TIA Portal suite. This post breaks