CVE-2025-1413 - DaVinci Resolve for MacOS Vulnerable to Dylib Hijacking via 777 File Permissions
---
Summary:
A critical security flaw (CVE-2025-1413) has been discovered in DaVinci Resolve for macOS, where the application’s directory and files are installed with
CVE-2024-13796 - How a WordPress Plugin Exposed User Emails & Sensitive Info
WordPress powers millions of websites, and plugins make it even more powerful. But even popular plugins can have serious bugs. This is the case with
CVE-2025-25728 - Bosscomm IF740 Firmware Leak Exposes Sensitive Data in Plaintext API Calls
In early 2025, cybersecurity researchers disclosed a critical vulnerability—CVE-2025-25728—in the Bosscomm IF740 IoT device. This problem affects devices running Firmware versions 11001.7078
CVE-2024-55160 - SQL Injection in GFast v2 to v3.2 via the `OrderBy` Parameter
In the ongoing battle for cybersecurity, SQL injection vulnerabilities remain a top threat for web applications. In this blog post, we focus on a newly
CVE-2024-51138 - Remote Code Execution in DrayTek Vigor Routers via TR-069 STUN URL Parsing (Exploit and Technical Deep-Dive)
---
A new critical vulnerability, CVE-2024-51138, has been identified in several popular DrayTek Vigor router models (source). This security flaw could let a remote hacker
Episode
00:00:00
00:00:00