CVE CyberSecurity Database News (Page 171)

Mar 4, 2025 API Exploit Java

CVE-2025-27221 - How Ruby’s URI Gem Leaks Authentication Credentials—Vulnerability Details, Exploit, and Fixes

In early 2025, a critical vulnerability was discovered in the widely-used URI gem for Ruby, listed as CVE-2025-27221. This issue affects all versions before 1.

Mar 4, 2025

CVE-2025-27220 - Breaking Down the CGI Ruby Gem ReDoS Vulnerability (Before .4.2)

Ruby’s CGI gem is a widely used library that helps web applications handle HTTP requests and escape HTML. In early 2025, a critical bug

Mar 4, 2025

CVE-2025-27219 - How a Cookie Parsing Bug in Ruby’s CGI Gem Threatens Your App – Exploit Details & Guide

Introduction In early 2025, a security vulnerability was discovered in the CGI gem for Ruby—specifically versions before .4.2. Labeled CVE-2025-27219, this bug is

Mar 3, 2025 XSS

CVE-2025-27500 - Exploiting An Unauthenticated File Upload Vulnerability in OpenZiti Admin Panel

OpenZiti is a popular free and open-source project that focuses on bringing zero trust networking to any application or environment. As the project gained users

Mar 3, 2025 Exploit

CVE-2025-1889 - How Picklescan's Old Extension Checks Let Dangerous Pickle Files Slip Through

A recent vulnerability, CVE-2025-1889, has exposed a serious gap in the security of picklescan versions before ..22. If you’re managing Python models, machine learning