Poster - CVE CyberSecurity Database News (Page 40)

Nov 21, 2025 Windows

CVE-2025-11933 - How Improper Input Validation in wolfSSL’s TLS 1.3 CKS Extension Can Cause DoS

A new vulnerability, CVE-2025-11933, has been discovered in wolfSSL up to version 5.8.2. This issue affects the popular security library on multiple platforms,

Nov 21, 2025

CVE-2025-11934 - Downgrade Risk in wolfSSL’s TLS 1.3 CertificateVerify Signature Algorithm — Explained

When relying on encrypted connections, most of us trust that a modern library like wolfSSL keeps our data private and secure. But with CVE-2025-11934, a

Nov 21, 2025 API

CVE-2025-41115 - Exploiting SCIM Provisioning in Grafana to Impersonate and Elevate Privileges

In April, Grafana introduced SCIM provisioning via Grafana Enterprise and Grafana Cloud. The intention was to help organizations automate user management—handling onboarding, offboarding, and

Nov 20, 2025 Windows API Mac

CVE-2025-64660 - Remote Code Execution in GitHub Copilot and VS Code Due to Improper Access Control

In early 2025, a serious security vulnerability, CVE-2025-64660, was discovered impacting GitHub Copilot and Visual Studio Code (VS Code). This issue centers on *improper access

Nov 19, 2025 RCE Windows Exploit

CVE-2025-11001 - 7-Zip ZIP File Directory Traversal RCE Explained (with Exploit Details)

In early 2025, a new critical vulnerability was identified in the widely used 7-Zip compression software. Tracked as CVE-2025-11001 (formerly ZDI-CAN-26753), this flaw allows an