CVE-2024-6205 - PayPlus Payment Gateway WordPress Plugin (v6.6.8 and below) SQL Injection Vulnerability Exploit and Mitigation Guide
In June 2024, a critical security issue, CVE-2024-6205, was found in the PayPlus Payment Gateway WordPress plugin, impacting all sites running plugin versions before 6.
CVE-2024-20419 - Cisco SSM On-Prem Authentication Bypass Lets Attackers Reset Any Password
Cisco Smart Software Manager On-Prem (SSM On-Prem) helps organizations manage Cisco software licenses locally. But in January 2024, security researchers uncovered a critical flaw, CVE-2024-20419,
CVE-2024-6595 - Exploiting GitLab's NPM Package Metadata Conflict
In June 2024, security researchers uncovered a vulnerability affecting GitLab CE/EE (Community Edition and Enterprise Edition), tracked as CVE-2024-6595. This flaw allowed attackers to
CVE-2024-21147 - Deep Dive into a Serious Oracle Java SE and GraalVM Hotspot Vulnerability
In April 2024, Oracle disclosed a high-impact vulnerability (CVE-2024-21147) affecting popular Java platforms: Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise. This
CVE-2024-21145 - Data Exposure and Manipulation in Oracle Java SE and GraalVM (Component: 2D)
Published: Oracle CPU April 2024
CVSS 3.1 Base Score: 4.8 (Confidentiality and Integrity impacts)
Components Affected: 2D (Java 2D Graphics)
CVE Record: CVE-2024-21145