Poster - CVE CyberSecurity Database News (Page 315)

Jan 20, 2025 API Exploit WebSocket

CVE-2025-24010 - How Vite’s CORS Misconfig Exposed Developers to Data Leaks

Summary: Vite, a popular frontend tool for JavaScript, had a major vulnerability (CVE-2025-24010), letting any website send requests to Vite’s dev server and read

Jan 20, 2025

CVE-2025-22620 - gitoxide File Permissions Vulnerability Allows World-Writable Executables

A new security flaw has been uncovered in gitoxide, the fast-growing, Rust-based implementation of Git. This vulnerability, tracked as CVE-2025-22620, can result in executable files

Jan 20, 2025 API Exploit

CVE-2024-45647 - IBM Security Verify Access Password Reset Vulnerability Exploited

A dangerous security flaw has been discovered in IBM’s Security Verify Access products, affecting versions 10.. through 10..8, both regular and Docker editions.

Jan 20, 2025

CVE-2024-13176 - Timing Side-Channel in ECDSA Allows Private Key Leakage — Simple Explanation & Exploit Details

A new vulnerability—CVE-2024-13176—has popped up, targeting the ECDSA (Elliptic Curve Digital Signature Algorithm) cryptography used for secure digital signatures. This issue is a

Jan 20, 2025 API Exploit

CVE-2025-21655 - io_uring/eventfd Use-After-Free RCU Vulnerability in Linux Kernel

In early 2025, security researchers discovered a subtle but impactful vulnerability in the Linux kernel's io_uring subsystem, affecting kernels prior to commit