A recent vulnerability known as CVE-2024-12642 has been discovered in the TenderDocTransfer application by Chunghwa Telecom. This vulnerability is classified as a Relative Path Traversal issue,...
CVE-2024-12641 is a significant vulnerability found in the TenderDocTransfer component of Chunghwa Telecom. This vulnerability allows for cross-site scripting (XSS) and command injection attacks, creating serious...
A recent vulnerability, CVE-2024-12643, has surfaced within the tbm-client developed by Chunghwa Telecom. This vulnerability is particularly alarming as it allows for Arbitrary File Deletion, stemming...
The Radare2 Pebble Application Command Injection Vulnerability, identified as CVE-2024-11858, was disclosed on December 13, 2024. This serious vulnerability impacts the widely-used Radare2 reverse-engineering framework. Known...
In recent weeks, a critical vulnerability known as CVE-2024-22461 has emerged within Dell’s RecoverPoint for Virtual Machines. This command injection vulnerability could allow attackers to execute...
The Apache Host Header Stored XSS Vulnerability, identified as CVE-2024-11986, is a recently uncovered security flaw impacting Apache HTTP Server versions 2.4.51 and 2.4.52. This vulnerability...
Iran-Linked IOCONTROL Malware Threatening IoT and OT Environments Iran-affiliated threat actors are now associated with new custom malware called IOCONTROL. This malware specifically targets IoT and...
The ComfyUI-Ace Code Injection Vulnerability, known as CVE-2024-21577, poses a serious threat to users relying on the platform. Discovered on December 13, 2024, this vulnerability exists...
The recent discovery of a vulnerability in the MainWP Child WordPress plugin, identified as CVE-2024-10783, has raised significant concerns in the WordPress community. This security flaw...
A critical vulnerability known as CVE-2024-9290 has emerged in the Super Backup & Clone – Migrate for WordPress plugin. This vulnerability allows unauthenticated users to upload...