CVE CyberSecurity Database News (Page 505)

Dec 3, 2024 API Exploit

CVE-2024-37302 - Synapse Homeserver Disk Fill Vulnerability Explained — How Attackers Could Deny Your Matrix Service

In June 2024, a new critical vulnerability was discovered in Synapse, the popular open-source Matrix homeserver. Tagged as CVE-2024-37302, this bug gives attackers a free

Dec 3, 2024 API Apache

CVE-2024-37303 - Planting Malicious Media in Matrix Synapse Homeservers

Matrix’s Synapse is a big deal for secure, decentralized chat. But in June 2024, a new vulnerability—CVE-2024-37303—highlighted how an unauthenticated remote user

Dec 3, 2024 iOS

CVE-2024-54000 - How a Redirect Bypass Broke MobSF Security Again

Mobile Security Framework (MobSF) is one of the most trusted open-source tools for mobile app security testing. It’s favored by bug bounty hunters, security

Dec 3, 2024 Bluetooth Google

CVE-2018-9449 - Bluetooth Out-of-Bounds Read Vulnerability Explained with Code and Exploit Details

In October 2018, a critical vulnerability named CVE-2018-9449 was discovered affecting Android's Bluetooth subsystem. This bug resides in the process_service_search_attr_

Dec 2, 2024

CVE-2024-53900 - Mongoose $where Injection Vulnerability Explained

CVE-2024-53900 is a recent and critical vulnerability impacting the popular Node.js Object Data Modeling (ODM) library, Mongoose. The bug specifically affects Mongoose versions before