CVE CyberSecurity Database News (Page 92)

Apr 10, 2025 Exploit

CVE-2025-2408 - GitLab’s IP Restriction Bypass Exposed Sensitive Data (Exclusive Overview & Exploit Details)

A new vulnerability—CVE-2025-2408—has been uncovered in GitLab Community and Enterprise Editions, affecting versions from 13.12 all the way up to but not

Apr 10, 2025

CVE-2025-32754 - How Insecure SSH Key Generation in jenkins/ssh-agent Docker Images Exposes Your Builds

Published: June 2024 Introduction A new security vulnerability, CVE-2025-32754, has been discovered in the widely used jenkins/ssh-agent Docker images (version 6.11.1 and

Apr 10, 2025 WordPress API Exploit

CVE-2025-3102 - SureTriggers WordPress Plugin Authentication Bypass – How Attackers Can Forge Admin Accounts

The security of your WordPress website is only as strong as the plugins you use. Recently, a critical vulnerability known as CVE-2025-3102 has been discovered

Apr 10, 2025 RCE Exploit PHP

CVE-2024-58136 - Yii2 Behavior Attach Bypass & Wild Exploitation (Exclusive Long Read)

Intro In the early months of 2025, security experts started noticing attacks leveraging a fresh vulnerability in Yii 2 web applications. Dubbed CVE-2024-58136, this bug

Apr 10, 2025

CVE-2025-32728 - How OpenSSH's DisableForwarding Directive Fails to Block X11 and Agent Forwarding (with Exploit Example)

OpenSSH is the most widely used SSH server and client suite out there. It's known for strong security, but sometimes bugs get through