API - CVE CyberSecurity Database News (Page 140)

CVE-2024-6587 - How an SSRF in berriai/litellm 1.38.10 Can Leak Your OpenAI API Key

Sep 13, 2024 API

CVE-2024-6587 - How an SSRF in berriai/litellm 1.38.10 Can Leak Your OpenAI API Key

In June 2024, a vulnerability—CVE-2024-6587—was identified in berriai/litellm, a popular library for interacting with OpenAI’s and other LLM providers’ APIs. This

CVE-2024-41874 - Critical ColdFusion Deserialization Vulnerability – Full Breakdown, Exploit Details, and Remediation Guide

Sep 13, 2024 Windows API Java

CVE-2024-41874 - Critical ColdFusion Deserialization Vulnerability – Full Breakdown, Exploit Details, and Remediation Guide

A serious vulnerability identified as CVE-2024-41874 is putting organizations running Adobe ColdFusion 2023.9, 2021.15, and earlier versions at high risk. This security flaw

Sep 13, 2024 API

CVE-2024-46677 - Linux Kernel GTP NULL Pointer Dereference – Explained & Exploited

In late May 2024, Linux kernel maintainers patched a subtle but potentially dangerous vulnerability in the GTP (GPRS Tunneling Protocol) code. Tracked as CVE-2024-46677, this

Sep 12, 2024 API Exploit

CVE-2024-6678 - Exploiting GitLab Pipeline Impersonation – What You Need to Know

A serious security vulnerability, CVE-2024-6678, has been discovered in GitLab Community Edition (CE) and Enterprise Edition (EE). This issue affects multiple GitLab versions, letting attackers

Sep 12, 2024 API GraphQL

CVE-2024-4472 - GitLab Dependency Proxy Credentials Leak via GraphQL Logs — In-Depth Analysis and Exploit Example

Table of Contents Introduction In June 2024, GitLab disclosed a sensitive security issue, now tracked as CVE-2024-4472. If you use GitLab's Dependency Proxy