CVE-2025-0314 impacts GitLab

CVE-2025-0314 is a high-severity cross-site scripting (XSS) vulnerability identified in GitLab, a widely used platform for version control, CI/CD, and DevOps. This vulnerability enables attackers to inject malicious scripts into GitLab instances by exploiting improper rendering of certain file types. The vulnerability poses significant risks, including session hijacking, data theft, and unauthorized control over affected […]

LibreOffice Flaws Allow Attackers to Run Malicious Files on Windows

itsecuritynews.info - 27/Feb 06:04

A high-severity security vulnerability (CVE-2025-0514) in LibreOffice, the widely used open-source office suite, has been patched after researchers...

CVE-2025-0337 impacts ServiceNow

thecyberthrone.in - 08/Mar 14:55

CVE-2025-0337 is classified as a high-severity authorization bypass vulnerability impacting the ServiceNow Now Platform, specifically targeting the...

GitLab Vulnerabilities Allow Attackers to Bypass Security and Run Arbitrary Scripts

itsecuritynews.info - 27/Feb 06:31

GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that could allow attackers to bypass...

CVE-2025-23363 impacts Siemens TeamCenter

thecyberthrone.in - 02/Mar 11:28

CVE-2025-23363 is a high-severity vulnerability identified in Siemens Teamcenter, a product lifecycle management (PLM) software suite used by...

CVE-2025-25012 impacts Kibana

thecyberthrone.in - 07/Mar 01:12

CVE-2025-25012 is a critical vulnerability identified in Elastic Kibana, a widely used data visualization and exploration platform for Elasticsearch....

Cisco Nexus Switch Vulnerability Allows Attackers to Cause DoS

itsecuritynews.info - 27/Feb 05:32

Cisco Systems has disclosed a high-severity vulnerability (CVE-2025-20111) in its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS...

CVE-2025-20059 impacts Ping Identity

thecyberthrone.in - 01/Mar 13:10

CVE-2025-20059 represents a critical security vulnerability known as a Relative Path Traversal flaw, which impacts the Ping Identity PingAM Java...

Cisco Webex for BroadWorks Vulnerability Let Remote Attackers Access Data & Credentials

itsecuritynews.info - 05/Mar 15:04

A newly disclosed vulnerability in Cisco Webex for BroadWorks Release 45.2 enables remote attackers to intercept sensitive credentials and user data...

WordPress Plugin Vulnerability Exposes 10,000 Sites to Code Execution Attacks

itsecuritynews.info - 05/Mar 15:04

A critical security flaw in the GiveWP Donation Plugin tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote...

Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras

securityaffairs.co - 07/Mar 19:18

Mirai-based botnets are exploiting a zero-day flaw, tracked as CVE-2025-1316, in Edimax IP cameras, to achieve remote command execution. US CISA warns...

Rubriques :