API - CVE CyberSecurity Database News (Page 144)

CVE-2024-20497 - Cisco Expressway-E Vulnerability Explained — How Attackers Can Impersonate Users

Sep 4, 2024 API Cisco

CVE-2024-20497 - Cisco Expressway-E Vulnerability Explained — How Attackers Can Impersonate Users

A serious security hole was found in Cisco Expressway Edge (Expressway-E) products, tracked as CVE-2024-20497. This bug allows any authenticated remote user—specifically those with

Sep 4, 2024 API Exploit Cisco

CVE-2024-20439 - The Hidden Backdoor in Cisco Smart Licensing Utility Explained

If you’re running Cisco Smart Licensing Utility (SLU) in your network, there’s a critical security hole you should know about—CVE-2024-20439. This vulnerability

Sep 4, 2024 API Exploit Apache

CVE-2024-45195 - Direct Request ('Forced Browsing') Vulnerability in Apache OFBiz – How Attackers Could Access Restricted URLs

CVE-2024-45195 is a newly disclosed "Direct Request" or "Forced Browsing" vulnerability that impacts Apache OFBiz—one of the most popular open-source

Sep 3, 2024 API Exploit Google Chrome

CVE-2024-8362 - Exploiting a Use-After-Free in Chrome WebAudio (Pre-128..6613.119) – Explanation, Details, and Example

--- Introduction A critical security vulnerability, CVE-2024-8362, was discovered in Google Chrome's WebAudio implementation. This bug lets remote attackers potentially cause heap corruption

CVE-2024-41436 - How a Buffer Overflow in ClickHouse v24.3.3.102 (DB::evaluateConstantExpressionImpl) Risks Your Data

Sep 3, 2024 API Exploit SQL

CVE-2024-41436 - How a Buffer Overflow in ClickHouse v24.3.3.102 (DB::evaluateConstantExpressionImpl) Risks Your Data

In early June 2024, a severe buffer overflow vulnerability—CVE-2024-41436—was uncovered in ClickHouse v24.3.3.102. The security hole exists in the DB: