CVE CyberSecurity Database News (Page 513)

Nov 28, 2024 Exploit

CVE-2024-36466 - Exploiting Zabbix’s Forged zbx_session Cookie for Admin Access

In June 2024, a critical security vulnerability was discovered and published under the identifier CVE-2024-36466. This flaw directly impacts Zabbix, a widely-used open-source monitoring system

Nov 28, 2024 API Apache

CVE-2024-53008 - Exploiting HAProxy’s HTTP Request Smuggling to Bypass ACLs and Steal Sensitive Data

A new vulnerability, CVE-2024-53008, was recently discovered in HAProxy, a popular open-source software widely used for high-performance TCP/HTTP load balancing. The flaw is classified

Nov 28, 2024 Exploit

CVE-2024-38309 - Multiple Stack-Based Buffer Overflow Vulnerabilities in V-SFT, TELLUS, and TELLUS Lite (Analysis & Exploit Insights)

CVE-2024-38309 covers serious stack-based buffer overflow vulnerabilities present in the following popular human-machine interface (HMI) and SCADA products by Fuji Electric: TELLUS Lite (v4..19.

Nov 27, 2024

CVE-2024-53858 - GitHub CLI Token Leak When Cloning Submodules – What You Need to Know

The GitHub CLI (gh) is GitHub’s official command-line tool, loved by many developers for simplifying GitHub workflows right from the terminal. In June 2024,

Nov 27, 2024 API

CVE-2024-53859 - Token Leakage Vulnerability in go-gh – Details, Code Snippet, and Exploit Explained

A security flaw, CVE-2024-53859, was found in the go-gh Go module—the common package used for interacting with the GitHub CLI (gh) and the GitHub