Poster - CVE CyberSecurity Database News (Page 230)

Feb 12, 2025 Windows Microsoft API Exploit

CVE-2025-25199 - Memory Leak Vulnerability in go-crypto-winnative’s CNG TLS1PRF Function on Windows

Summary: A memory leak bug (CVE-2025-25199) was discovered in Microsoft’s go-crypto-winnative—the Go crypto backend for Windows using Cryptography API: Next Generation (CNG). Before

Feb 12, 2025 CSRF API Exploit

CVE-2025-25743 - New Command Injection Flaw in D-Link DIR-853 A1 (FW1.20B07) – Detailed Analysis & Exploitation

In early 2025, a severe vulnerability was found in the D-Link DIR-853 A1 router, running firmware version 1.20B07. Tracked as CVE-2025-25743, this security flaw

Feb 12, 2025 RCE

CVE-2025-25742 - Stack-Based Buffer Overflow in D-Link DIR-853 A1 (FW1.20B07) via `AccountPassword` Parameter

A fresh vulnerability, CVE-2025-25742, affecting the D-Link DIR-853 A1 wireless router (firmware 1.20B07), was discovered in the wild. This exploit takes advantage of a

Feb 12, 2025

CVE-2025-25746 - D-Link DIR-853 A1 FW1.20B07 Password Buffer Overflow Demystified

A new vulnerability has surfaced in the D-Link DIR-853 A1 router, specifically firmware version 1.20B07. Labeled CVE-2025-25746, this bug is a classic stack-based buffer

Feb 12, 2025 Exploit

CVE-2025-25184 - Breaking Ruby Rack Logs via CRLF Injection in Rack::CommonLogger

A critical vulnerability identified as CVE-2025-25184 has been found in the popular Ruby web framework library, Rack. Depending on how user input is handled and