CVE CyberSecurity Database News (Page 143)

Mar 16, 2025 Java

CVE-2024-58103 - Square Wire’s Missing Recursion Limit Exposes ProtoReader Exploit

In June 2024, a significant vulnerability was discovered in Square’s Wire library (before version 5.2.). The flaw, registered as CVE-2024-58103, impacts parsing logic

Mar 15, 2025 API Exploit

CVE-2025-2334 - Insecure Access Control in SpringBoot OpenAI ChatGPT Lets Attackers Delete Any User’s Chat History

In early 2025, a problematic vulnerability — CVE-2025-2334 — was disclosed affecting the popular springboot-openai-chatgpt (e84f6f5). This issue exposes users to risk by allowing unauthorized deletion of

Mar 15, 2025 Exploit

CVE-2025-2323 - Behavioral Workflow Enforcement Vulnerability in springboot-openai-chatgpt

CVE-2025-2323 is a newly discovered vulnerability in the project springboot-openai-chatgpt (Commit e84f6f5). This flaw impacts the updateQuestionCou function found in the /api/mjkj-chat/chat/mng/

Mar 15, 2025

CVE-2025-30066 - How Malicious Commits in tj-actions/changed-files Leaked GitHub Secrets

In March 2025, the popular GitHub Action named tj-actions/changed-files faced a major supply chain security incident. This vulnerability, tracked as CVE-2025-30066, allowed malicious actors

Mar 14, 2025 Exploit

CVE-2025-2320 - Critical Vulnerability Discovered in Springboot-openai-chatgpt e84f6f5: Improper Authorization in User Handler

A critical vulnerability has been found in the widely used 274056675 springboot-openai-chatgpt e84f6f5. This vulnerability has severe implications, as it allows for improper authorization, potentially