CVE CyberSecurity Database News (Page 202)

Feb 28, 2025 Mac Exploit

CVE-2025-1413 - DaVinci Resolve for MacOS Vulnerable to Dylib Hijacking via 777 File Permissions

--- Summary: A critical security flaw (CVE-2025-1413) has been discovered in DaVinci Resolve for macOS, where the application’s directory and files are installed with

Feb 28, 2025 CSRF WordPress API

CVE-2025-0801 - How a Missing Nonce Let Attackers Hijack RateMyAgent API Keys in WordPress

--- CVE-2025-0801 covers a worrying vulnerability found in the RateMyAgent Official plugin for WordPress — a tool used by real estate professionals to show client reviews

Feb 28, 2025 WordPress API Exploit

CVE-2024-13796 - How a WordPress Plugin Exposed User Emails & Sensitive Info

WordPress powers millions of websites, and plugins make it even more powerful. But even popular plugins can have serious bugs. This is the case with

Feb 28, 2025 API Exploit MITM

CVE-2025-25728 - Bosscomm IF740 Firmware Leak Exposes Sensitive Data in Plaintext API Calls

In early 2025, cybersecurity researchers disclosed a critical vulnerability—CVE-2025-25728—in the Bosscomm IF740 IoT device. This problem affects devices running Firmware versions 11001.7078

Feb 27, 2025

CVE-2024-51139 - Critical Buffer Overflow in DrayTek Vigor Routers’ HTTP CGI Parser

A serious security vulnerability has been publicly disclosed as CVE-2024-51139 affecting a wide range of DrayTek Vigor routers. This flaw is a buffer overflow found