Node.js: Usage of unsafe random function in undici for choosing boundary

The vulnerability in the Undici library involves the use of an unsafe random function to choose the boundary for a multipart/form-data request. The use of Math.random() to generate this boundary can b ...

Continue Reading

January 28, 2025

Doppler: Availability Impact from Exploiting Project Name Vulnerabilities

The vulnerability allowed a user to change the project name to a malicious string, which resulted in other users being logged out of their accounts when they attempted to access the project. This led ...

Continue Reading

January 28, 2025

Nextcloud: Blind SSRF Vulnerability in Appstore Release Upload Form

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

U.S. Dept Of Defense: XSS found in https://www.████████.mil

The security researcher found a reflected cross-site scripting (XSS) vulnerability on the www.████████.mil website. The vulnerability was demonstrated using a proof-of-concept link tha ...

Continue Reading

January 28, 2025

autoglasswarehouse.com.au Cross Site Scripting vulnerability OBB-4012647

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...

Continue Reading

January 28, 2025

curl: Hackers Attack Curl Vulnerability Accessing Sensitive Information

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

AWS VDP: CVE-2020-5902

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

WordPress: Unauthenticated WordPress Database Repair DoS

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

1 268,580 268,581 268,582 268,583 268,584 385,998

Back to Main
Subscribe for the latest news: