CVE CyberSecurity Database News (Page 534)

Nov 19, 2024 Exploit

CVE-2024-10524 - Wget Shorthand URL Credential Injection – Exploit Details and Protection Guide

In early 2024, a significant vulnerability tagged as CVE-2024-10524 was discovered affecting applications that use Wget (a popular command-line utility) to fetch remote resources via

Nov 19, 2024 WordPress Exploit PHP

CVE-2024-11038 - Critical Arbitrary Shortcode Execution in 'WPB Popup for Contact Form 7' Plugin (CF7 Popup) – Exploit Details and Fixes

--- Introduction WordPress remains the world's favorite CMS, powering millions of websites. Its strength is its massive plugin ecosystem – but that’s exactly

CVE-2024-31141 - Files and Directories Exposed in Apache Kafka Clients (Improper Privilege Management Vulnerability)

Nov 19, 2024 API Exploit Java Apache Jira

CVE-2024-31141 - Files and Directories Exposed in Apache Kafka Clients (Improper Privilege Management Vulnerability)

--- Published: May 2024 Severity: High Affects: Apache Kafka Clients 2.3. through 3.5.2, 3.6.2, 3.7. Component: Kafka Clients, Kafka

Nov 19, 2024 Exploit

CVE-2024-21539 - How @eslint/plugin-kit’s RegExp Flaw Can Be Exploited for DoS Attacks

CVE-2024-21539 is a vulnerability found in the @eslint/plugin-kit NPM package, versions before .2.3. Simply put, a flaw in the way this library sanitized

Nov 19, 2024

CVE-2024-50299 - Fixing the SCTP Chunk Size Validation Bug in the Linux Kernel

Recently, a serious issue was patched in the Linux kernel that could allow attackers to crash systems using the SCTP protocol. This bug, now tracked