U.S. Dept Of Defense: XSS found in https://www.████████.mil

The security researcher found a reflected cross-site scripting (XSS) vulnerability on the www.████████.mil website. The vulnerability was demonstrated using a proof-of-concept link tha ...

curl: bypass of this Fixed #2437131 [ Inadequate Protocol Restriction Enforcement in curl ]

CVE-2025-23084

A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. ...

Node.js: Usage of unsafe random function in undici for choosing boundary

The vulnerability in the Undici library involves the use of an unsafe random function to choose the boundary for a multipart/form-data request. The use of Math.random() to generate this boundary can b ...

AWS VDP: A potential risk in the experimental-programmatic-access-ccft which can be used to privilege escalation.

The experimental-programmatic-access-ccft application created a function with an associated role that was assigned policies with overly broad "sts:AssumeRole" permissions for " ...

Localize: open redirected by host header

AWS VDP: Information Disclosure Due To exposed .env file (Directory Listing) at ████████

AWS VDP: CVE-2020-5902
