CVE CyberSecurity Database News (Page 80)

Apr 14, 2025 Exploit Apache

CVE-2025-32907 - How a Bug in libsoup’s HTTP Range Handling Can Eat Your Server’s Memory

A new security issue, tracked as CVE-2025-32907, was recently found in libsoup, a popular HTTP library used on Linux systems (especially in GNOME and web

Apr 14, 2025 RCE Exploit

CVE-2025-32913 - Crashing Libsoup via NULL Pointer Dereference in soup_message_headers_get_content_disposition()

--- Introduction On June 10, 2024, CVE-2025-32913 was published detailing a critical vulnerability in libsoup, a widely used HTTP client/server library for GNOME and

Apr 14, 2025 XSS Exploit Java Apache

CVE-2025-24859 - Apache Roller Session Invalidation Flaw Explained (with Example & Exploit Details)

A new security vulnerability has been found in the Apache Roller blog server, tracked as CVE-2025-24859. Before version 6.1.5, Roller failed to invalidate

Apr 14, 2025

CVE-2025-31344 - Heap-based Buffer Overflow in openEuler giflib's gif2rgb.C (through 5.2.2) Explained

In early 2025, a new vulnerability shocked parts of the open-source world: CVE-2025-31344, a heap-based buffer overflow in the giflib library used by many Linux

Apr 14, 2025 API Exploit

CVE-2025-32093 - Mattermost Improper Permission Validation Lets Non-Admins Modify System Administrators (With Exploit Details)

On June 2024, the security community identified a critical vulnerability in Mattermost, the popular open-source messaging platform designed for teams and enterprises. Tracked as CVE-2025-32093,