CVE-2025-31103 - a-blog cms Untrusted Data Deserialization — Arbitrary File Upload and Remote Code Execution
A new critical vulnerability has been uncovered in a-blog cms, a popular content management system widely used across various web applications. Tracked as CVE-2025-31103, this
CVE-2024-6875 - Exploiting Buffer Leak in Red Hat Data Grid's Infinispan REST Compare API
Recently, a significant vulnerability was discovered in the Infinispan component of Red Hat Data Grid: CVE-2024-6875. This flaw centers on the REST Compare API, where
CVE-2025-2917 - Path Traversal in ChestnutCMS up to 1.5.3 via `/dev-api/cms/file/read` – Analysis & Exploit
CVE-2025-2917 is a serious vulnerability recently discovered in ChestnutCMS versions up to 1.5.3. This vulnerability allows a remote attacker to read arbitrary files
CVE-2025-29928 - Unrevoked Session Bug in Authentik Exposes Open Sessions Even After Deletion
Published: June 2024
Severity: High
Product: authentik (Open-source Identity Provider)
Affected Versions: Before 2024.12.4
CVE-2024-12619 - Hidden Gate – Uncovering Unauthorized Project Access in GitLab CE/EE
Summary:
A critical security flaw, CVE-2024-12619, was recently found in GitLab Community and Enterprise Editions (GitLab CE/EE). This vulnerability, present in versions from 16.