CVE CyberSecurity Database News (Page 43)

Sep 22, 2025 Exploit

CVE-2025-59799 - Stack-Based Buffer Overflow in Artifex Ghostscript (`pdfmark_coerce_dest`) - Deep Dive, Exploit, and Mitigation

--- Artifex Ghostscript is a widely-used interpreter for PostScript and PDF files. On June 2025, researchers found a new high-impact vulnerability, cataloged as CVE-2025-59799, exposing

Sep 19, 2025 Exploit

CVE-2025-10630 - Grafana-Zabbix Plugin ReDoS Vulnerability Explained (w/ Exploit Example)

Grafana is a popular open-source platform used for monitoring and observability. Its flexibility and plugin support make it a staple in system monitoring setups. One

Sep 19, 2025 RCE Exploit PHP

CVE-2025-48703 - Unauthenticated Remote Code Execution in CWP (Control Web Panel) File Manager – Full Exploit Guide

--- Published: June 2024 Vulnerable Software: CWP (Control Web Panel, formerly CentOS Web Panel) < .9.8.1205 Vulnerability Type: Remote Code Execution (RCE) Attack

Sep 18, 2025 API Exploit Java

CVE-2025-10035 - GoAnywhere MFT License Servlet Deserialization Flaw — How It Works and Why It Matters

In early 2025, a serious vulnerability—CVE-2025-10035—was disclosed affecting Fortra’s GoAnywhere Managed File Transfer (MFT) solution. A bug in the License Servlet allows

Sep 18, 2025

CVE-2025-47906 - RCE in Go’s `LookPath` When PATH Contains Executables Instead of Folders

A newly disclosed vulnerability, CVE-2025-47906, has been found in the popular Go programming language’s os/exec library. If the PATH environment variable ($PATH) contains