CVE-2025-2905 - XXE in WSO2 API Manager Gateway – Exploiting XML Path Injection for Data Theft and Denial of Service
Published: 2024-06-01 <br>Severity: High <br>CVSS: 8.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/
CVE-2025-4166 - How HashiCorp Vault kv v2 Plugin Could Leak Secrets via API – Explained
Summary:
A new vulnerability, CVE-2025-4166, affects HashiCorp Vault users worldwide. Vault Community and Vault Enterprise Key/Value (kv) Version 2 plugin may expose sensitive information
CVE-2025-29825 - User Interface (UI) Misrepresentation in Microsoft Edge Opens Doors for Spoofing Attacks
Microsoft Edge, based on Chromium, is one of the most popular web browsers. It promises users reliable security, but a newly disclosed vulnerability, CVE-2025-29825, exposes
CVE-2022-49931 - Kernel Crash in Linux hfi1 Driver Due to Incorrect List Handling
Summary
CVE-2022-49931 is a vulnerability in the Linux kernel's hfi1 driver for Infiniband devices. It causes a kernel crash when a link goes
CVE-2022-49924 - Linux Kernel NFC Driver Memory Leak Explained & Exploited
The Linux kernel is known for robust performance and security, but sometimes bugs slip through the cracks. One of these is CVE-2022-49924, a vulnerability in
Episode
00:00:00
00:00:00