CVE CyberSecurity Database News (Page 134)

Mar 23, 2025 RCE Windows Microsoft Exploit

CVE-2025-29806 - Exploiting Microsoft Edge Remote Code Execution Vulnerability with No CWE

In June 2025, Microsoft disclosed a significant security vulnerability in Microsoft Edge (Chromium-based), tracked as CVE-2025-29806. This security flaw, rare in that it is currently

Mar 23, 2025 Windows Microsoft

CVE-2025-29795 - How a Link Following Flaw in Microsoft Edge Lets Attackers Gain Local Privileges

CVE-2025-29795 is a newly disclosed vulnerability in Microsoft Edge (Chromium-based). This issue’s at the center of a growing concern over local privilege escalation (LPE)

Mar 23, 2025 API Java Apache

CVE-2025-27553 - Path Traversal Vulnerability in Apache Commons VFS before 2.10.

Apache Commons VFS is a popular Java library that provides a single API for accessing various different file systems, such as local files, FTP, SFTP,

Mar 23, 2025

CVE-2025-0927 - How a Heap Overflow in Linux Kernel's HFS+ Implementation Can Lead to System Compromise

On May 24, 2025, the security community learned about a newly reported Linux kernel vulnerability: CVE-2025-0927. Researcher Attila Szász disclosed a dangerous heap overflow bug

Mar 23, 2025 XSS Exploit PHP

CVE-2025-2645 - Cross Site Scripting (XSS) Vulnerability in PHPGurukul Art Gallery Management System 1. – Exploit Details and Remediation

A new security vulnerability, CVE-2025-2645, has been discovered in the PHPGurukul Art Gallery Management System 1.. This post aims to explain the vulnerability in simple