CVE CyberSecurity Database News (Page 520)

Nov 26, 2024 Exploit SQL

CVE-2024-22117 - A Deep Dive into sysmapelementurlid Manipulation & DoS Threat

CVE-2024-22117 identifies a critical vulnerability in certain web applications that allow users to add URLs to a mapping element. Improper handling of the sysmapelementurlid in

Nov 26, 2024 Windows

CVE-2024-11706 - Understanding the Null Pointer Dereference in pk12util (`SEC_ASN1DecodeItem_Util`) and Its Exploitation

In early 2024, a security flaw tagged as CVE-2024-11706 was discovered in the way Mozilla's pk12util tool handles certain certificate-related files. The bug

Nov 26, 2024 Exploit

CVE-2024-11702 - How Firefox and Thunderbird Leaked Your Private Data on Android Through Cloud Clipboard

--- 1. Introduction Passwords, credit card numbers, secret project notes: you expect all of that to stay locked down in Private Browsing windows and tabs.

Nov 26, 2024 Windows Mac

CVE-2024-11698 - Stuck in Fullscreen—A macOS Flaw That Traps Firefox and Thunderbird

Imagine going fullscreen in Firefox or Thunderbird on your Mac, then opening a dialog—maybe a download prompt or a permissions pop-up. The screen darkens,

Nov 26, 2024

CVE-2024-11704 - Double-Free Vulnerability in sec_pkcs7_decoder_start_decrypt() – Details, Exploitation, and Safeguards

CVE-2024-11704 is a critical double-free vulnerability discovered in Mozilla's NSS (Network Security Services) stack, specifically in the sec_pkcs7_decoder_start_decrypt() function.