CVE CyberSecurity Database News

Mar 21, 2025 Exploit

CVE-2025-29927 - A Deep Dive Into the Next.js Authorization Bypass Vulnerability

Next.js is a popular React framework that developers utilize to build full-stack web applications. A recent vulnerability, with the CVE identifier CVE-2025-29927, was discovered

Mar 21, 2025 Exploit

CVE-2021-25635 - Improper Certificate Validation in LibreOffice Allows Spoofing of Document Signatures

A recent vulnerability discovered in LibreOffice (CVE-2021-25635) allows an attacker to exploit an improper certificate validation flaw, making it possible to self-sign an Open Document

Mar 20, 2025 Exploit

CVE-2025-29923: Out-of-Order Responses in go-redis Versions Prior to 9.5.5, 9.6.3, and 9.7.3

Description: go-redis, the official Redis client library for the Go programming language, has a vulnerability that could potentially cause out-of-order responses in its versions prior

Mar 20, 2025 RCE Exploit

CVE-2025-23120 - Critical Vulnerability Allowing Remote Code Execution for Domain Users: Exploit Details and Mitigation Strategies

A newly discovered vulnerability, CVE-2025-23120, affects a widespread software component and poses a significant security risk to organizations across various industries. This vulnerability allows remote

Mar 20, 2025 Exploit

CVE-2024-4990: A Deep Dive Into the Vulnerability in yiisoft/yii2 v2..48

This post presents an in-depth analysis of the vulnerability found in the yiisoft/yii2 version 2..48. This vulnerability, identified as CVE-2024-4990, exists within the