CVE CyberSecurity Database News (Page 180)

Mar 3, 2025 XSS Exploit

CVE-2024-8186 - GitLab CE/EE XSS Vulnerability Explained (With Exploit Details & Code)

Published: June 2024 Severity: High Component: GitLab Community Edition (CE) & Enterprise Edition (EE) Vulnerable Versions: 🚨 What is CVE-2024-8186? CVE-2024-8186 is a security flaw recently

Mar 3, 2025 API Exploit

CVE-2025-25952 - Insecure Direct Object Reference in Academia SIS EagleR v1..118 Exposes Student Data

--- What is CVE-2025-25952? CVE-2025-25952 is an IDOR (Insecure Direct Object Reference) vulnerability identified in the Academia Student Information System (SIS) EagleR version 1..118

Mar 3, 2025 Microsoft API

CVE-2025-25953 - Azure JWT Access Token Exposure in Serosoft Academia SIS EagleR v1..118

In early 2025, a critical security flaw labeled CVE-2025-25953 was discovered in the Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1..118.

Mar 3, 2025 CSRF API Exploit

CVE-2025-27579 - How a Simple CSRF Bug in Bitaxe ESP-Miner Lets Attackers Hijack Your Bitcoin Mining Payout

In the world of cryptocurrency mining, security is often overlooked in the rush for higher hashrates and better efficiency. But sometimes, a small bug can

Mar 2, 2025 Exploit

CVE-2025-1819 - Critical OS Command Injection in Tenda AC7 120M (15.03.06.44) - Exploit Explained

--- Introduction In early 2025, a major security vulnerability was discovered in the popular Tenda AC7 120M router, firmware version 15.03.06.44. Classified