CVE CyberSecurity Database News (Page 87)

Apr 14, 2025 Exploit

CVE-2025-2475 - How a Cache Bug Lets Attackers Hijack Bots in Mattermost (with Working Exploit)

--- Summary: A new vulnerability, CVE-2025-2475, has been found in Mattermost — the popular open-source messaging platform used by teams everywhere. In several recent versions, the

Apr 14, 2025

CVE-2025-32906 - Breaking Down the libsoup Out-of-Bounds Read Vulnerability

In early 2025, a significant security flaw was discovered in libsoup, a popular HTTP library used widely in Linux applications and web servers. The bug,

Apr 14, 2025 Exploit Apache

CVE-2025-32907 - How a Bug in libsoup’s HTTP Range Handling Can Eat Your Server’s Memory

A new security issue, tracked as CVE-2025-32907, was recently found in libsoup, a popular HTTP library used on Linux systems (especially in GNOME and web

Apr 14, 2025 RCE Exploit

CVE-2025-32913 - Crashing Libsoup via NULL Pointer Dereference in soup_message_headers_get_content_disposition()

--- Introduction On June 10, 2024, CVE-2025-32913 was published detailing a critical vulnerability in libsoup, a widely used HTTP client/server library for GNOME and

Apr 14, 2025 XSS Exploit Java Apache

CVE-2025-24859 - Apache Roller Session Invalidation Flaw Explained (with Example & Exploit Details)

A new security vulnerability has been found in the Apache Roller blog server, tracked as CVE-2025-24859. Before version 6.1.5, Roller failed to invalidate