Poster - CVE CyberSecurity Database News (Page 262)

Feb 3, 2025 Exploit

CVE-2024-56902 - Information Disclosure in Geovision GV-ASManager (≤ v6.1..) Exposes Account Passwords in Cleartext

If you’re running Geovision GV-ASManager for your access control systems, especially version 6.1.. or older, you need to pay close attention. A new

Feb 3, 2025 CSRF Exploit

CVE-2024-56903 - How a Simple HTTP Trick Breaks Security in GeoVision GV-ASWeb (<=6.1.1.)

--- Introduction In the world of security, sometimes the biggest problems come from the smallest details. That’s exactly the case with CVE-2024-56903 – a newly

Feb 3, 2025 API Exploit Google

CVE-2024-34897 - API Key Disclosure in Nedis SmartLife Android App v1.4. — How It Works and What It Means for You

--- In June 2024, security researchers published information on a critical vulnerability, CVE-2024-34897, found in the Nedis SmartLife Android app v1.4.. This long read

Feb 3, 2025

CVE-2025-25065 - Exploiting SSRF in Zimbra’s RSS Feed Parser (9.. < Patch 43, 10..x < 10..12, 10.1.x < 10.1.4)

--- Overview In early 2025, a significant vulnerability — CVE-2025-25065 — was disclosed affecting Zimbra Collaboration Suite (ZCS). This Server-Side Request Forgery (SSRF) exists in Zimbra’s

Feb 3, 2025 API Exploit SOAP SQL

CVE-2025-25064 - SQL Injection in ZimbraSync Service SOAP Endpoint Exposes Critical Email Metadata (Explained with Exploit Example)

Published: June 2024 Zimbra Collaboration Suite (ZCS) is a widely used open-source email and collaboration platform, adopted by businesses and organizations all over the world.