CVE CyberSecurity Database News (Page 89)

Apr 14, 2025 API Exploit

CVE-2025-3572 - Unauthenticated SSRF in INTUMIT SmartRobot Lets Attackers Probe Internal Network and Access Files

On May 7, 2025, a new vulnerability—CVE-2025-3572—was disclosed in INTUMIT’s SmartRobot platform. This severe flaw can be exploited by unauthenticated remote attackers

Apr 13, 2025

CVE-2025-3445 - Unpacking Danger — "Zip Slip" Path Traversal in mholt/archiver for Go

A new path traversal vulnerability, now identified as CVE-2025-3445, has been discovered in the popular Go library mholt/archiver. This security flaw, commonly called a

Apr 13, 2025 Exploit

CVE-2024-56406 - Heap Buffer Overflow in Perl `tr///` Operator — How it Works, Exploit Scenario, and Fixes

A newly discovered critical security flaw affects several versions of the Perl programming language — a heap buffer overflow vulnerability tracked as CVE-2024-56406. This issue lives

Apr 13, 2025 Windows Exploit

CVE-2025-2814 - Insecure Random Number Source Weakens Perl Crypt::CBC Encryption

In this long read, we explore a serious vulnerability (CVE-2025-2814) affecting Crypt::CBC—a popular Perl module used for encryption. If you work with Perl,

Apr 12, 2025 WordPress PHP

CVE-2025-3418 - How a Simple Bug in WPC Admin Columns Plugin Let Subscribers Become Administrators

A serious vulnerability—now tracked as CVE-2025-3418—was discovered in the popular WPC Admin Columns WordPress plugin (versions 2..6 to 2.1.). This bug,