CVE-2025-25199 - Memory Leak Vulnerability in go-crypto-winnative’s CNG TLS1PRF Function on Windows
Summary:
A memory leak bug (CVE-2025-25199) was discovered in Microsoft’s go-crypto-winnative—the Go crypto backend for Windows using Cryptography API: Next Generation (CNG). Before
CVE-2025-25743 - New Command Injection Flaw in D-Link DIR-853 A1 (FW1.20B07) – Detailed Analysis & Exploitation
In early 2025, a severe vulnerability was found in the D-Link DIR-853 A1 router, running firmware version 1.20B07. Tracked as CVE-2025-25743, this security flaw
CVE-2025-25184 - Breaking Ruby Rack Logs via CRLF Injection in Rack::CommonLogger
A critical vulnerability identified as CVE-2025-25184 has been found in the popular Ruby web framework library, Rack. Depending on how user input is handled and
CVE-2025-0516 - Exploiting Improper Authorization in GitLab CE/EE - How Limited Users Gain Unauthorized Access to Critical Project Data
On January 18, 2025, GitLab published an advisory for CVE-2025-0516, which discloses a serious improper authorization vulnerability in both GitLab Community Edition (CE) and Enterprise
CVE-2025-1244 - Command Injection Flaw Exposes Emacs Users to Remote Shell Attacks
A serious security issue, identified as CVE-2025-1244, was discovered in GNU Emacs—one of the oldest and most popular text editors. This flaw could allow
Episode
00:00:00
00:00:00