Latest Research
-
CVE-2023-24055: KeePass Password Theft via Malicious Config File
CVE-2023-24055 is a vulnerability in KeePass 2.53 that allows an attacker with write access to the XML configuration file to steal the entire password vault without prompting fo...
-
CVE-2022-45299: Arbitrary File Execution in Rust's webbrowser-rs via Crafted URLs
A critical security bug in the Rust library webbrowser-rs v0.8.2 passes user-supplied URLs directly to the Windows ShellExecuteW API without any validation. Malicious actors can...
-
CVE-2022-41544: Unauthenticated RCE in GetSimple CMS via Path Traversal
GetSimple CMS v3.3.16 contains a path traversal in the theme editor's edited_file parameter allowing arbitrary file write. Combined with an information disclosure in Apache's de...