CVE CyberSecurity Database News (Page 262)

Feb 11, 2025 API Exploit

CVE-2024-40591 - Privilege Escalation in Fortinet FortiOS via Malicious Upstream FortiGate

Published: June 2024 Affected Products: Fortinet FortiOS 7.6., 7.4. - 7.4.4, 7.2. - 7.2.9, and before 7..15

Feb 11, 2025 CSRF API Apache

CVE-2025-24897 - CSRF Vulnerability in Misskey Bull-Board Allows Arbitrary Job Injection

Misskey is a popular, open source federated social media platform. Many small and large communities use Misskey for Twitter-like microblogging—self-hosted, customizable, and with a

Feb 11, 2025 RCE

CVE-2025-22467 - Stack-Based Buffer Overflow in Ivanti Connect Secure (RCE Exploit Walkthrough)

CVE-2025-22467 impacts Ivanti Connect Secure, a popular VPN solution used by organizations around the world. This newly disclosed vulnerability is a stack-based buffer overflow that

Feb 11, 2025 Exploit MITM

CVE-2024-12797 - How a Raw Public Key TLS Authentication Bug in OpenSSL Can Let MITM Attacks Slip Through

--- Introduction In March 2024, a significant vulnerability—CVE-2024-12797—was disclosed in OpenSSL affecting some clients using RFC725 Raw Public Keys (RPK) for TLS or

Feb 11, 2025

CVE-2025-24976 - Exploiting Token Authentication in Distribution Registry (3..-beta.1 to 3..-rc.2)

Distribution is a popular toolkit for packing, shipping, storing, and delivering container content. It's widely used for running private registries for Docker and