Poster - CVE CyberSecurity Database News (Page 145)

Mar 14, 2025 Exploit

CVE-2025-24855 - Exploiting Use-After-Free in libxslt’s numbers.c (Before 1.1.43) – A Hands-On Guide

--- Introduction: What is CVE-2025-24855? CVE-2025-24855 uncovers a dangerous use-after-free vulnerability in libxslt (prior to version 1.1.43). The issue lurks in numbers.c,

Mar 13, 2025 Java

CVE-2025-27496 - How a Logging Flaw in Snowflake JDBC Driver Could Leak Client-Side Encryption Keys

Snowflake’s cloud data platform is widely used for artificial intelligence workloads and large-scale data processing. But even the biggest platforms can have unexpected security

Mar 13, 2025

CVE-2025-1767 - Exploiting Deprecated Kubernetes In-Tree gitRepo Volume for Lateral Movement

If you are managing a Kubernetes cluster and your workloads use the old in-tree gitRepo volume to clone Git repositories, a new critical vulnerability—CVE-2025-1767—

Mar 13, 2025 Windows Exploit

CVE-2024-9042 - Critical Kubernetes Privilege Escalation on Windows Worker Nodes

In early 2024, security researchers discovered a major vulnerability in Kubernetes that specifically impacts Windows worker nodes. Documented as CVE-2024-9042, this flaw allows attackers to

Mar 13, 2025 XSS API Exploit Google

CVE-2024-8402 - Exploiting Google Cloud IAM Integration in GitLab EE – Exploit Analysis, Code Sample, and Mitigation

CVE-2024-8402 is a security vulnerability found in GitLab Enterprise Edition (EE) impacting the Google Cloud IAM integration feature. This flaw affects: All versions from 17.