CVE CyberSecurity Database News (Page 335)

Jan 21, 2025 RCE Exploit

CVE-2024-42936 - Remote Code Execution in Ruijie RG-EW300N via MQTT (mqlink.elf) – Explained

CVE-2024-42936 uncovers a serious vulnerability in the Ruijie RG-EW300N wireless router running firmware ReyeeOS 1.300.1422. In this post, you’ll learn what this

Jan 21, 2025 API Exploit

CVE-2024-51417 - Remote Access Exploit in System.Linq.Dynamic.Core Before 1.6.—What Developers Should Know

System.Linq.Dynamic.Core is a widely-used .NET library that lets you build LINQ queries dynamically. This flexibility is great for developers, but sometimes, it

Jan 21, 2025 API Exploit

CVE-2025-23369 - Inside the Signature Spoofing Flaw in GitHub Enterprise Server

In mid-2024, a significant security vulnerability, now known as CVE-2025-23369, was discovered in GitHub Enterprise Server (“GHES”). This flaw centers on the way cryptographic signatures

Jan 21, 2025

CVE-2025-22150 - The Predictable Boundary Flaw in Undici http/1.1 Client (Exploit Breakdown & Fixes)

CVE-2025-22150 highlights how even popular and widely used Node.js libraries can fall to security lapses when basic randomness is underestimated. This exclusive long-read explains

Jan 21, 2025 API PHP

CVE-2025-24011 - Information Disclosure in Umbraco CMS UserExistance via API Timing Attack

In June 2025, a new vulnerability has been disclosed for the Umbraco .NET content management system (CMS), tracked as CVE-2025-24011. This issue affects all releases