CVE CyberSecurity Database News (Page 302)

Jan 29, 2025 Exploit

CVE-2025-0840 - Critical Vulnerability Discovered in GNU Binutils up to 2.43 Causing Stack-based Buffer Overflow

A highly problematic vulnerability, classified as stack-based buffer overflow, has been identified in GNU Binutils versions up to 2.43. The vulnerable function disassemble_bytes

Jan 29, 2025 Windows Exploit Java

CVE-2025-24789 - Privilege Escalation in Snowflake JDBC Driver on Windows (EXTERNALBROWSER Auth Vulnerability Explained)

--- Summary A major vulnerability (CVE-2025-24789) was found in the Snowflake JDBC Driver, affecting Windows systems where the EXTERNALBROWSER authentication method is used. This post

Jan 29, 2025

CVE-2025-24882 - How Attackers Can Trick Docker Images with regclient in Go (With Fixes and Exploit Details)

If you use regclient – a popular Docker and OCI Registry Client library in Go – you might be at risk from a recent security vulnerability: CVE-2025-24882.

Jan 29, 2025 Exploit Java

CVE-2025-24790 - Snowflake JDBC Driver World-Readable Credential Leak

Snowflake is a widely used cloud data platform and its JDBC driver enables Java applications to connect securely to Snowflake instances. Recently, a critical vulnerability

Jan 29, 2025 XSS Exploit PHP

CVE-2025-24374 - Twig Templating Engine "??" Operator Output Escaping Vulnerability Explained

On February 2025, a new security vulnerability was discovered and disclosed in Twig, the popular template engine for PHP. This flaw, now tracked as CVE-2025-24374,