Poster - CVE CyberSecurity Database News (Page 101)

Apr 7, 2025 API Exploit SQL Apache

CVE-2025-30473 - SQL Injection Flaw in Apache Airflow Common SQL Provider Can Lead to Privilege Escalation

A new security vulnerability, CVE-2025-30473, was discovered in the Apache Airflow Common SQL Provider (versions before 1.24.1). This flaw allows authenticated users to

Apr 7, 2025 Windows Microsoft API Exploit

CVE-2024-11859 - DLL Search Order Hijacking Can Lead to Malicious Code Execution by Administrators

In early 2024, security researchers discovered CVE-2024-11859, a vulnerability tied to how certain applications in Windows search and load dynamic-link libraries (DLLs). This issue—commonly

Apr 7, 2025

CVE-2025-20654 - Out-of-Bounds Write in WLAN Service May Lead to Remote Code Execution

In early 2025, a critical vulnerability was uncovered in the WLAN service, officially identified as CVE-2025-20654. The flaw allows for a possible out-of-bounds write due

Apr 6, 2025 Exploit Apache

CVE-2025-31492 - How mod_auth_openidc Leaked Protected Content to Unauthenticated Users

mod_auth_openidc is a popular OpenID Connect (OIDC) module for Apache 2.x servers, providing enterprise-ready authentication and single sign-on. In April 2025, a

Apr 6, 2025 WordPress Exploit SQL PHP

CVE-2025-1264 - SQL Injection in Broken Link Checker by AIOSEO – Detailed Exploit Overview

The WordPress plugin "Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links" is hugely popular for helping site owners maintain