AWS VDP: CVE-2020-5902

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

HackerOne: Hackerone supports accounts organitation takeover

The HackerOne email change process was found to have a vulnerability where the system automatically verifies the email address if the verification link is opened in any browser, even by email scanning ...

Continue Reading

January 28, 2025

Node.js: Usage of unsafe random function in undici for choosing boundary

The vulnerability in the Undici library involves the use of an unsafe random function to choose the boundary for a multipart/form-data request. The use of Math.random() to generate this boundary can b ...

Continue Reading

January 28, 2025

curl: bypass of this Fixed #2437131 [ Inadequate Protocol Restriction Enforcement in curl ]

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

Doppler: WAF bypass and java script incomplete handling of Unicode characters might leads to dom-xss

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

curl: When curl uses Schannel as TLS backend, it fails to enforce TLS 1.3 cipher suite selections correctly

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

AWS VDP: A potential risk in the cloudFrontExtensionsConsole which can be used to privilege escalation.

A potential risk was found in the cloudFrontExtensionsConsole when it was deployed in the awslabs repository on GitHub. The functions created by the application had excessive permissions that could be ...

Continue Reading

January 28, 2025

Mozilla: Denial of Access to Static Resources via Cache Poisoning on addons.allizom.org

A cache poisoning vulnerability was identified on addons.allizom.org that allowed an attacker to block access to static resources such as images and JavaScript files. The issue was exploited by proces ...

Continue Reading

January 28, 2025

1 268,258 268,259 268,260 268,261 268,262 385,998

Back to Main
Subscribe for the latest news: