RCE - CVE CyberSecurity Database News (Page 29)

Jan 14, 2025 RCE Exploit

CVE-2024-11736 - How Keycloak’s URL Placeholders Expose Sensitive Server Data

CVE-2024-11736 is a recently discovered security vulnerability in Keycloak, a popular open-source identity and access management solution. This issue could let admin users access sensitive

Jan 9, 2025 RCE Windows API Exploit

CVE-2024-27980 - How Improper Batch Handling in Node.js Leads to Code Execution—A Deep Dive

In early 2024, security researchers discovered a significant flaw in how Node.js handles batch files on Windows using the child_process.spawn and child_

Jan 9, 2025 RCE

CVE-2023-27531 - Exploiting a Kredis JSON Deserialization Vulnerability in Ruby

In early 2023, a critical vulnerability—CVE-2023-27531—was publicly disclosed in Kredis, a popular Ruby library for managing Redis-backed types in Rails applications. This vulnerability

Jan 8, 2025 RCE WordPress Exploit PHP

CVE-2024-11635 - Remote Code Execution in WordPress File Upload Plugin via wfu_ABSPATH Cookie

CVE-2024-11635 is a serious security vulnerability in the popular WordPress File Upload plugin, affecting all versions up to and including 4.24.12. Attackers can

Jan 6, 2025 RCE Exploit

CVE-2024-46981 - Remote Code Execution in Redis via Malicious Lua Scripts

Redis is a popular open-source, in-memory database that is used everywhere — from caching layers to real-time analytics. But, in early 2024, a critical vulnerability called