CVE CyberSecurity Database News (Page 326)

Jan 22, 2025 Microsoft Exploit Cisco

CVE-2025-20128 - ClamAV OLE2 Integer Underflow Denial of Service Vulnerability Explained

A new security flaw was discovered in ClamAV, the popular open-source antivirus engine widely used to fight malware in emails, web proxies, and gateways. Identified

Jan 22, 2025 API Cisco

CVE-2025-20156 - How Cisco Meeting Management REST API Fails at Authorization — Exploit and Analysis

*Published: June 2024* Cisco has just disclosed a worrying vulnerability, tracked as CVE-2025-20156, that puts the power of IT infrastructure in the hands of low-privileged

Jan 22, 2025 Exploit Java

CVE-2024-31903 - IBM Sterling B2B Integrator Remote Code Execution via Deserialization (Explained)

The world of B2B integration is powered by trusted software, and IBM Sterling B2B Integrator is one of the leaders in that space. Yet, even

Jan 22, 2025

CVE-2025-0604 - How a Keycloak Password Reset Bug Lets Expired or Disabled AD Users Slip Through

--- Overview A newly identified vulnerability, CVE-2025-0604, impacts Keycloak—an open-source identity and access management tool used by many organizations to handle authentication and user

Jan 22, 2025

CVE-2025-0395 - Buffer Overflow in GNU C Library assert() Puts Linux Systems at Risk

June 2024 brought a surprising discovery in one of the most-used libraries on Linux: GNU C Library’s (glibc) assert() function is vulnerable to a