Poster - CVE CyberSecurity Database News (Page 77)

Apr 15, 2025 CSRF XSS Exploit

CVE-2025-24358 - Critical CSRF Protection Bypass in gorilla/csrf (Go)

gorilla/csrf is a popular middleware library that prevents Cross Site Request Forgery (CSRF) attacks in Go web apps and services. If you’re using

Apr 15, 2025 Exploit

CVE-2023-5616 - How GNOME Control Center’s SSH Status Bug Exposed Ubuntu Users

In late 2023, a subtle but important security flaw, CVE-2023-5616, was found in Ubuntu’s GNOME Control Center—the graphical application that lets you adjust

Apr 15, 2025 Windows Microsoft

CVE-2025-33028 - WinZip Mark-of-the-Web Bypass Exploit – What You Need to Know

In June 2024, a fresh vulnerability was discovered affecting one of the world’s most popular archiving tools, WinZip. The flaw, now tracked as CVE-2025-33028,

Apr 15, 2025 Microsoft

CVE-2025-29817 - Uncontrolled Search Path Element in Power Automate Exposes Sensitive Data

On June 7, 2024, Microsoft disclosed a security bug tracked as CVE-2025-29817, relating to “Uncontrolled Search Path Element” in the Power Automate desktop application. This

Apr 15, 2025

CVE-2025-32911 - Exploiting Use-After-Free in libsoup’s soup_message_headers_get_content_disposition()

A recently discovered vulnerability—CVE-2025-32911—shakes up the foundation for many Linux and GNOME applications that rely on the popular libsoup HTTP client/server library.