CVE CyberSecurity Database News (Page 33)

Apr 16, 2025 iOS Exploit

CVE-2025-31200 - A Deep Dive into Apple’s Recent Memory Corruption Flaw and Its Real-World Exploit

CVE-2025-31200 is a critical memory corruption vulnerability that was recently patched by Apple. The flaw affects the core media frameworks on various Apple devices and

Apr 16, 2025 Exploit

CVE-2025-22872 - Critical HTML Tokenizer Bug Exposes DOM Manipulation Flaws in Foreign Content Like `<svg>` and `<math>`

A new security concern, CVE-2025-22872, has been identified in widely-used HTML parsing libraries. This issue focuses on how the tokenizer misinterprets certain tags—specifically, tags

Apr 16, 2025 Cisco

CVE-2025-20236 - Cisco Webex App Custom URL Parser Bug Lets Attackers Run Commands on Your PC

A brand new high-risk vulnerability, CVE-2025-20236, has been uncovered in the Cisco Webex App. This bug lives in the way Webex handles URLs in meeting

Apr 16, 2025 Jira

CVE-2025-31363 - Exploiting Server-Side Request Forgery in Mattermost AI Plugin’s Jira Tool

In June 2024, a new vulnerability, CVE-2025-31363, was disclosed in Mattermost—a popular open-source team collaboration tool. This bug is especially worrying for organizations using

Apr 16, 2025

CVE-2025-27936 - How a Timing Attack Leaked MSTeams Plugin Webhook Secrets in Mattermost

On February 2025, Mattermost disclosed CVE-2025-27936, a serious vulnerability affecting the MS Teams Plugin (<2.1.) and the Mattermost Server (10.5.x up