CVE CyberSecurity Database News (Page 303)

Jan 29, 2025 XXE API Exploit Java

CVE-2025-0617 - Exploiting XML Entity Expansion to Crash Hx 10.. and Prior — A Simple Guide

CVE-2025-0617 targets a critical vulnerability in the HX console (version 10.. and earlier). If you run administrative systems based on Hx, you should read this.

Jan 29, 2025 CSS Google Chrome

CVE-2025-0762 - How “Use After Free” in Google Chrome DevTools Prior to v132..6834.159 Risks Your Security

There’s a new Chrome bug on the block: CVE-2025-0762. And even though it’s somewhat under the radar, it could let hackers mess with

Jan 29, 2025 Exploit

CVE-2021-3978 - How a Simple rsync Option in OctoRPKI Could Lead to Local Privilege Escalation

Security is rarely about the big, obvious mistakes. Often, the real dangers hide in the default settings, in the everyday commands we use without a

Jan 29, 2025

CVE-2024-57965 - How Axios Before 1.7.8 Handled URLs and Why It Matters

Published: June 2024 Severity: Low to Medium (depending on context) Affected Package: axios < 1.7.8 Introduction A recent finding, CVE-2024-57965, has highlighted an

Jan 28, 2025 API API Security Exploit

CVE-2024-48310 - Exposed API Keys in AutoLib Software Systems OPAC v20.10 – Technical Walkthrough and Exploit Details

*Published: June 2024* Introduction In June 2024, a severe vulnerability—CVE-2024-48310—was released, affecting popular library management software _AutoLib Software Systems OPAC v20.10_. The