API - CVE CyberSecurity Database News (Page 152)

Aug 22, 2024 RCE API Exploit PHP

CVE-2024-39717 - How Versa Director’s Favicon Feature Lets Attackers Upload Malicious Files

A new vulnerability has been found in Versa Director, tagged as CVE-2024-39717. The flaw lies in the GUI’s “Change Favicon” feature, which is supposed

Aug 21, 2024 CSRF XSS API Exploit

CVE-2024-21690 - High Severity Reflected XSS and CSRF Vulnerability in Atlassian Confluence Data Center and Server

A serious security issue — CVE-2024-21690 — exists in several versions of Atlassian Confluence Data Center and Server. This vulnerability combines Reflected Cross-Site Scripting (XSS) and Cross-Site

Aug 20, 2024 Microsoft API Exploit Apache

CVE-2024-38175 - How Improper Access Control in Azure Managed Cassandra Lets Attackers Elevate Privileges

> Published: June 2024 > By: Security Research Team Microsoft Azure’s Managed Instance for Apache Cassandra is one of the most popular managed NoSQL

Aug 20, 2024 API Exploit

CVE-2024-6322 - Bypassing Access Control in Plugin Data Sources via Misapplied ReqActions in plugin.json

A critical security vulnerability, CVE-2024-6322, was recently discovered in systems that utilize plugin-based data sources. This issue allows users with legitimate access to any data

Aug 16, 2024 Windows Microsoft API Exploit

CVE-2024-43472 - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Explained

Microsoft Edge, the Chromium-based successor to Internet Explorer, is one of the most popular web browsers. However, in June 2024, an important security issue—CVE-2024-43472—