API - CVE CyberSecurity Database News (Page 146)

CVE-2024-42340 - Breaking Down CyberArk’s Dangerous Client-Side Security Flaw (CWE-602)

Aug 25, 2024 API WebSocket

CVE-2024-42340 - Breaking Down CyberArk’s Dangerous Client-Side Security Flaw (CWE-602)

In June 2024, a critical security vulnerability was disclosed in the CyberArk Privileged Access Security (PAS) Solution, tracked as CVE-2024-42340. This vulnerability is rooted in

Aug 22, 2024 RCE API Exploit PHP

CVE-2024-39717 - How Versa Director’s Favicon Feature Lets Attackers Upload Malicious Files

A new vulnerability has been found in Versa Director, tagged as CVE-2024-39717. The flaw lies in the GUI’s “Change Favicon” feature, which is supposed

Aug 21, 2024 CSRF XSS API Exploit

CVE-2024-21690 - High Severity Reflected XSS and CSRF Vulnerability in Atlassian Confluence Data Center and Server

A serious security issue — CVE-2024-21690 — exists in several versions of Atlassian Confluence Data Center and Server. This vulnerability combines Reflected Cross-Site Scripting (XSS) and Cross-Site

Aug 20, 2024 Microsoft API Exploit Apache

CVE-2024-38175 - How Improper Access Control in Azure Managed Cassandra Lets Attackers Elevate Privileges

> Published: June 2024 > By: Security Research Team Microsoft Azure’s Managed Instance for Apache Cassandra is one of the most popular managed NoSQL

Aug 20, 2024 API Exploit

CVE-2024-6322 - Bypassing Access Control in Plugin Data Sources via Misapplied ReqActions in plugin.json

A critical security vulnerability, CVE-2024-6322, was recently discovered in systems that utilize plugin-based data sources. This issue allows users with legitimate access to any data