curl: CVE-2024-11053: netrc + redirect credential leak

CVE-2024-11053 was a logic flaw in Curl that resulted in a credential leak during redirects. The issue was caused by the way Curl processed netrc credentials when performing redirects. Under certain c ...

Continue Reading

January 28, 2025

Internet Bug Bounty: netrc and redirect credential leak

The netrc file in curl could lead to the unintentional leakage of a password to a different host when following HTTP redirects, if the netrc file had an entry matching the redirect target hostname but ...

Continue Reading

January 28, 2025

U.S. Dept Of Defense: XSS vulnerability found in javascript code of https://███.mil

The XSS vulnerability was found in the JavaScript code of the website https://███.mil. The parameter "code" was not sufficiently sanitized, allowing the injection of malicious ...

Continue Reading

January 28, 2025

curl: bypass of this Fixed #2437131 [ Inadequate Protocol Restriction Enforcement in curl ]

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

AWS VDP: Reflected XSS on Amazon EC2 Instance

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

AWS VDP: Information Disclosure Due To exposed .env file (Directory Listing) at ████████

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

Automattic: Open redirect via redirect_to parameter in tumblr.com

The Tumblr website was affected by an open redirect vulnerability that allowed an attacker to redirect users to a specified URL through the "redirect_to" parameter. This vulnerabilit ...

Continue Reading

January 28, 2025

curl: When curl uses Schannel as TLS backend, it fails to enforce TLS 1.3 cipher suite selections correctly

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

1 268,732 268,733 268,734 268,735 268,736 385,998

Back to Main
Subscribe for the latest news: