CVE CyberSecurity Database News (Page 192)

Mar 4, 2025 Microsoft API Exploit

CVE-2025-27507 - Critical IDOR in ZITADEL Allows Account Takeover via LDAP Config Manipulation

ZITADEL is a widely used open-source identity and access management (IAM) solution, helping organizations manage authentication, user registration, and authorization. Designed to be flexible, secure,

Mar 4, 2025 Windows Microsoft Exploit Java

CVE-2024-11957 - Breaking Down an Unpatched Digital Signature Bug in Kingsoft WPS Office (ksojscore.dll) Enabling Arbitrary DLL Loading

Kingsoft WPS Office is a widely-used productivity suite that's especially popular in China and among users who want a free alternative to Microsoft

Mar 4, 2025 Exploit

CVE-2025-27111 - Log Injection Vulnerability in Ruby Rack Sendfile Middleware Explained

On February 27, 2025, CVE-2025-27111 was published affecting the popular Ruby library Rack, specifically its Rack::Sendfile middleware. This security vulnerability allows attackers to inject

Mar 4, 2025

CVE-2025-1943 - Memory Safety Bugs in Firefox 135 and Thunderbird 135—What You Need to Know

Memory safety vulnerabilities are no stranger to complex software, especially web browsers and email clients used by millions. CVE-2025-1943 turns a spotlight on this issue,

Mar 4, 2025 Exploit

CVE-2025-1932 - Out-of-Bounds Exploit in Firefox and Thunderbird’s xslt/txNodeSorter (Full Technical Analysis)

Published: 2024-06-25 <br>Author: [YourName] Mozilla has recently disclosed a new security flaw, CVE-2025-1932, affecting the xslt/txNodeSorter code used in both Firefox