CVE CyberSecurity Database News (Page 161)

Mar 10, 2025 RCE Exploit Apache

CVE-2025-26865 - Deep Dive into the Apache OFBiz Template Engine Vulnerability

In June 2024, a critical vulnerability surfaced in Apache OFBiz — a popular open source enterprise resource planning (ERP) suite used by businesses worldwide. Tracked as

Mar 9, 2025 Exploit Java Apache

CVE-2025-27636 - Exploiting Method Invocation Injection in Apache Camel-Bean Component

Published: 2025-02-29 Severity: High (Bypass/Injection) Affected Packages: apache-camel (see Advisory) Patched in: 4.10.2 (4.10.x LTS), 4.8.5 (4.8.

Mar 8, 2025 SQL

CVE-2023-52970 - Crashing MariaDB Servers via Item_direct_view_ref::derived_field_transformer_for_where – Analysis and Exploit

MariaDB is a popular open-source database server, known for reliability and used widely in web applications. But like any complex software, sometimes it stumbles onto

Mar 8, 2025

CVE-2023-52969 - Deep Dive into the MariaDB "Empty Backtrace" Crash Vulnerability

In 2023, the MariaDB project became aware of a troubling bug now tracked as CVE-2023-52969. This bug, affecting MariaDB Server versions 10.4–10.5.

Mar 8, 2025 Exploit SQL Jira

CVE-2023-52971 - MariaDB Server Crash Exploit in JOIN::fix_all_splittings_in_plan (Simple Breakdown & Proof-of-Concept)

MariaDB, the popular open-source database forked from MySQL, is widely trusted in countless production environments. But recently, a severe bug was discovered that crashes MariaDB