CVE CyberSecurity Database News (Page 232)

Feb 18, 2025 XSS SQL

CVE-2024-4028 - Keycloak Admin Console Vulnerability Enables Privileged XSS Attacks

_Keycloak_ is a widely-used open-source identity and access management solution, trusted by developers for securing applications. In June 2024, a new critical vulnerability—CVE-2024-4028—was

Feb 18, 2025 Exploit OAuth

CVE-2025-26620 - Race Condition Vulnerability in Duende.AccessTokenManagement for .NET

CVE-2025-26620 is a newly disclosed vulnerability affecting the Duende.AccessTokenManagement library for .NET, which is widely used for managing OAuth and OpenID Connect access tokens.

Feb 18, 2025 Exploit

CVE-2025-21703 - Linux Kernel netem Use-After-Free Exploit Explained

The Linux kernel is the backbone of almost every server and many desktops out there. When something’s wrong in the kernel, it can impact

Feb 18, 2025

CVE-2025-21702 - Linux Kernel pfifo_head_drop qdisc Limit Bypass Vulnerability – Privilege Escalation Explained

A subtle logic bug in the Linux kernel’s traffic control code (qdisc) has been identified and fixed, tracked as CVE-2025-21702. This flaw involves the

Feb 18, 2025 Exploit

CVE-2025-1414 - Memory Safety Bugs in Firefox 135 — How Attackers Could Execute Arbitrary Code

Mozilla Firefox is one of the world’s most trusted web browsers, but even the best software sometimes contains serious flaws. One such issue is