CVE-2024-7646 - Bypassing Ingress-nginx Annotation Validation to Steal All Kubernetes Cluster Secrets
CVE-2024-7646 is a critical security vulnerability discovered in the ingress-nginx Kubernetes controller. This issue allows anyone with permissions to create Ingress objects to bypass critical
CVE-2024-34727 - Heap Buffer Overflow Vulnerability in `sdp_utils.cc` Enables Remote Information Disclosure (Analysis and Exploit)
A new security flaw, CVE-2024-34727, has been discovered in the sdpu_compare_uuid_with_attr function within the widely used Bluetooth stack implementation. This issue
CVE-2024-34743 - Exploiting a Tapjacking Vulnerability in Android’s SurfaceFlinger (Easy Privilege Escalation)
A critical vulnerability (CVE-2024-34743) has been found in Android’s core SurfaceFlinger service, specifically in the setTransactionState function of SurfaceFlinger.cpp. This bug introduces a
CVE-2024-7262 - Weaponized Path Validation Bug in Kingsoft WPS Office Lets Attackers Load Windows Libraries with Malicious Spreadsheets
Kingsoft WPS Office is one of the most popular office suites in the world, especially in China. Recently, a significant security vulnerability (CVE-2024-7262) has been
CVE-2024-28799 - Sensitive Data Exposure in IBM QRadar Suite and Cloud Pak for Security – Exploit, Analysis, and Guidance
In March 2024, IBM identified and disclosed a vulnerability in its security intelligence platforms, IBM QRadar Suite and Cloud Pak for Security, tracked as CVE-2024-28799