curl: CVE-2024-11053: netrc + redirect credential leak

CVE-2024-11053 was a logic flaw in Curl that resulted in a credential leak during redirects. The issue was caused by the way Curl processed netrc credentials when performing redirects. Under certain c ...

Continue Reading

January 27, 2025

U.S. Dept Of Defense: XSS found in https://www.████████.mil

The security researcher found a reflected cross-site scripting (XSS) vulnerability on the www.████████.mil website. The vulnerability was demonstrated using a proof-of-concept link tha ...

Continue Reading

January 27, 2025

AWS VDP: CVE-2020-5902

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

Mozilla: Denial of Access to Static Resources via Cache Poisoning on addons.allizom.org

A cache poisoning vulnerability was identified on addons.allizom.org that allowed an attacker to block access to static resources such as images and JavaScript files. The issue was exploited by proces ...

Continue Reading

January 27, 2025

Node.js: Usage of unsafe random function in undici for choosing boundary

The vulnerability in the Undici library involves the use of an unsafe random function to choose the boundary for a multipart/form-data request. The use of Math.random() to generate this boundary can b ...

Continue Reading

January 27, 2025

curl: bypass of this Fixed #2437131 [ Inadequate Protocol Restriction Enforcement in curl ]

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

espaimacia.cat Cross Site Scripting vulnerability OBB-4015297

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...

Continue Reading

January 27, 2025

Localize: open redirected by host header

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

1 268,879 268,880 268,881 268,882 268,883 385,998

Back to Main
Subscribe for the latest news: