CVE CyberSecurity Database News (Page 144)

Mar 14, 2025 Exploit

CVE-2025-29775 - Breaking XML Signature Verification in `xml-crypto` Lets Attackers Bypass Authentication (Exploit Guide)

In early 2025, a critical vulnerability was discovered in the popular Node.js library xml-crypto. This bug, identified as CVE-2025-29775, exposes many applications—and even

Mar 14, 2025

CVE-2025-29774 - How the xml-crypto Library for Node.js May Let Attackers Bypass XML Signature Verification

CVE-2025-29774 is a serious security vulnerability discovered in the popular Node.js library xml-crypto, which is widely used by developers to verify XML digital signatures

Mar 14, 2025 Exploit

CVE-2023-33300 - How Command Injection in FortiNAC Lets Attackers Access Your Files

In May 2023, cybersecurity researchers disclosed a serious vulnerability affecting Fortinet FortiNAC — network access control software from Fortinet used by organizations worldwide. CVE-2023-33300 was identified

Mar 14, 2025 XSS Windows

CVE-2024-26006 - Understanding and Exploiting Cross-Site Scripting in FortiOS and FortiProxy SSL VPN

In early 2024, security researchers discovered a serious vulnerability identified as CVE-2024-26006 affecting Fortinet's FortiOS and FortiProxy SSL VPN web UI. This "

Mar 14, 2025 API

CVE-2024-8176 - Stack Overflow in libexpat via Recursive Entity Expansion — A Deep Dive

In June 2024, security researchers uncovered a critical vulnerability in the popular XML parsing library libexpat. Tracked as CVE-2024-8176, this flaw exposes applications to stack