CVE-2024-36138 - Bypass Incomplete Fix of CVE-2024-27980: A Deep Dive into Improper Handling of Batch Files in Windows via child_process.spawn / child_process.spawnSync
In this post, we will discuss a recently found vulnerability, CVE-2024-36138, which bypasses the incomplete fix of CVE-2024-27980. This vulnerability arises from improper handling of
CVE-2024-8035: An In-Depth Look at the Inappropriate Implementation in Extensions in Google Chrome on Windows
In this day and age, web browsers are extremely important tools that we use on a daily basis. Google Chrome is the most popular web
CVE-2024-8033: Unveiling a UI Spoofing Vulnerability in Google Chrome's WebApp Installs on Windows
In this blog post, we will dive deep into a recently disclosed security vulnerability, identified as CVE-2024-8033. This vulnerability involves an inappropriate implementation in the
CVE-2024-7262: Improper Path Validation Vulnerability in Kingsoft WPS Office Allows Attackers to Load Arbitrary Windows Library
The Kingsoft WPS Office suite, a popular alternative to Microsoft Office, has been found to be vulnerable to an improper path validation vulnerability. This issue,
CVE-2024-7263: Improper Path Validation in 'promecefpluginhost.exe' in Kingsoft WPS Office Leads to Execution of Arbitrary Windows Libraries
A new security vulnerability has been discovered and assigned the identifier CVE-2024-7263, affecting Kingsoft WPS Office versions ranging from 12.2..13110 to 12.2.
Episode
00:00:00
00:00:00