CVE CyberSecurity Database News (Page 185)

Mar 10, 2025 Exploit Java

CVE-2025-25614 - Privilege Escalation in Unifiedtransform 2. via Incorrect Access Control

Unifiedtransform is a popular open-source school management and examination platform, used by educational institutions worldwide. But in early 2025, a security issue—now indexed as

Mar 10, 2025 RCE Exploit Apache

CVE-2025-26865 - Deep Dive into the Apache OFBiz Template Engine Vulnerability

In June 2024, a critical vulnerability surfaced in Apache OFBiz — a popular open source enterprise resource planning (ERP) suite used by businesses worldwide. Tracked as

Mar 9, 2025 Exploit Java Apache

CVE-2025-27636 - Exploiting Method Invocation Injection in Apache Camel-Bean Component

Published: 2025-02-29 Severity: High (Bypass/Injection) Affected Packages: apache-camel (see Advisory) Patched in: 4.10.2 (4.10.x LTS), 4.8.5 (4.8.

Mar 8, 2025 SQL

CVE-2023-52970 - Crashing MariaDB Servers via Item_direct_view_ref::derived_field_transformer_for_where – Analysis and Exploit

MariaDB is a popular open-source database server, known for reliability and used widely in web applications. But like any complex software, sometimes it stumbles onto

Mar 8, 2025

CVE-2023-52969 - Deep Dive into the MariaDB "Empty Backtrace" Crash Vulnerability

In 2023, the MariaDB project became aware of a troubling bug now tracked as CVE-2023-52969. This bug, affecting MariaDB Server versions 10.4–10.5.