CVE CyberSecurity Database News (Page 145)

Mar 14, 2025 WordPress API Exploit PHP

CVE-2025-1285 - How Unauthorized Attackers Can Hijack Resido Real Estate WordPress Sites

In early 2025, a high-risk security flaw was uncovered in the popular Resido - Real Estate WordPress Theme. This vulnerability, tracked as CVE-2025-1285, allows anyone—

Mar 14, 2025 Exploit

CVE-2024-55549 - Breaking Down libxslt’s xsltGetInheritedNsList Use-After-Free Bug

In June 2024, a new vulnerability tracked as CVE-2024-55549 was identified in the popular XML stylesheet library libxslt. This bug, lurking since before version 1.

Mar 14, 2025 Exploit

CVE-2025-24855 - Exploiting Use-After-Free in libxslt’s numbers.c (Before 1.1.43) – A Hands-On Guide

--- Introduction: What is CVE-2025-24855? CVE-2025-24855 uncovers a dangerous use-after-free vulnerability in libxslt (prior to version 1.1.43). The issue lurks in numbers.c,

Mar 13, 2025 Java

CVE-2025-27496 - How a Logging Flaw in Snowflake JDBC Driver Could Leak Client-Side Encryption Keys

Snowflake’s cloud data platform is widely used for artificial intelligence workloads and large-scale data processing. But even the biggest platforms can have unexpected security

Mar 13, 2025

CVE-2025-1767 - Exploiting Deprecated Kubernetes In-Tree gitRepo Volume for Lateral Movement

If you are managing a Kubernetes cluster and your workloads use the old in-tree gitRepo volume to clone Git repositories, a new critical vulnerability—CVE-2025-1767—