Poster - CVE CyberSecurity Database News (Page 259)

Feb 5, 2025 API Exploit

CVE-2024-1539 - How a GitLab API Info Leak Let Banned Group Members See Issue Updates

--- Intro: What is CVE-2024-1539? CVE-2024-1539 is a newly discovered vulnerability in GitLab's Enterprise Edition (EE) that impacts a wide range of versions:

Feb 5, 2025

CVE-2023-52924 - Underlying Dangers in Linux Netfilter's Verdict Map Handling—Issues, Exploit Details, and Technical Insights

In late 2023, a subtle but critical vulnerability was discovered in the Linux kernel’s Netfilter nf_tables subsystem. This flaw, now identified as CVE-2023-52924,

Feb 5, 2025 RCE API WiFi

CVE-2025-25246 - Unauthenticated Remote Code Execution on NETGEAR XR100, XR100v2, and XR500 Routers

Recently, a serious security flaw, CVE-2025-25246, was discovered in several NETGEAR WiFi routers: XR100 (before 1...74), XR100v2 (before 1.1..22), and XR500 (before

Feb 5, 2025 RCE WordPress Exploit PHP

CVE-2025-1028 - Remote Code Execution via Arbitrary File Upload in Contact Manager for WordPress (up to 8.6.4)

On June 13, 2024, a serious vulnerability—CVE-2025-1028—was disclosed in the popular “Contact Manager” WordPress plugin, affecting all versions up to, and including, 8.

Feb 5, 2025 WiFi

CVE-2025-23114 - Veeam Updater TLS Certificate Validation Flaw Allows Remote Code Execution

Published: June 2024 Severity: Critical Affected Product: Veeam Backup & Replication (Updater Component) Summary A newly published vulnerability, CVE-2025-23114, affects Veeam Backup & Replication products.