CVE-2025-12817 - PostgreSQL CREATE STATISTICS Authorization Flaw Can Crash Other Users
A missing authorization check in the PostgreSQL CREATE STATISTICS command allows any table owner to "hog" statistic names across all schemas—locking out
CVE-2025-12818 - Integer Wraparound in PostgreSQL libpq Leads to Major Out-Of-Bounds Writes
PostgreSQL is one of the world’s most trusted open-source relational databases, and libpq is its C client library that many applications depend on for
CVE-2025-64500 - Path Traversal Bypass in Symfony’s HttpFoundation Component
A new critical security vulnerability, CVE-2025-64500, has been uncovered in the popular PHP framework, Symfony. More specifically, it affects Symfony’s HttpFoundation component—which is
CVE-2025-12748 - Exploiting XML Processing in libvirt for Denial of Service
A new security flaw, CVE-2025-12748, was recently discovered in libvirt, a popular open-source virtualization API. This vulnerability affects how libvirt handles XML files submitted by
CVE-2025-62215 - Race Condition in Windows Kernel Leads to Local Privilege Escalation
In early 2025, a critical vulnerability surfaced affecting all modern versions of Windows: CVE-2025-62215. This bug is a race condition—a classic concurrent programming error.
Episode
00:00:00
00:00:00