Poster - CVE CyberSecurity Database News (Page 256)

Feb 5, 2025 Exploit

CVE-2024-57077 - Prototype Pollution Vulnerability in utils-extend 1..8 – What You Need to Know

Recently, security researchers have discovered a new vulnerability that affects the popular npm package utils-extend, specifically version 1..8 – which, at the time of writing,

Feb 5, 2025 API

CVE-2024-57075 - Prototype Pollution in `lib.Logger` of eazy-logger v4..1 Allows DoS

In this post, we’ll take a closer look at CVE-2024-57075, a prototype pollution vulnerability discovered in the popular npm package eazy-logger, version 4..1,

Feb 5, 2025 API Exploit

CVE-2025-24319 - How Undisclosed API Requests Can Crash BIG-IP Next Central Manager Kubernetes Node

In early 2025, a new vulnerability was discovered in F5’s BIG-IP Next Central Manager product. Catalogued as CVE-2025-24319, this issue affects the system’s

Feb 5, 2025

CVE-2025-23419 - Bypassing Client Certificate Authentication in NGINX with Session Tickets and Shared IPs

In early 2025, a significant security issue—CVE-2025-23419—was discovered in the way NGINX handles TLS session resumption across multiple virtual servers (or “server blocks”

Feb 5, 2025 Exploit

CVE-2025-21087 - F5 BIG-IP SSL Profile/DNSSEC Resource Exhaustion Explained (with Exploit Example)

A new risk has cropped up for F5 BIG-IP administrators, tracked as CVE-2025-21087. This issue is especially worrying because it can drive up memory and