XVIDEOS: Stored XSS via SMTP Error Message

A Stored Cross-Site Scripting (XSS) vulnerability was identified on the /account/email page for www.xvideos.com. The vulnerability arose from the improper handling of SMTP error messages, which were p ...

Continue Reading

January 27, 2025

curl: Exploitable Format String Vulnerability in curl_mfprintf Function

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

Localize: open redirected by host header

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

WordPress: Unauthenticated WordPress Database Repair DoS

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

curl: When curl uses Schannel as TLS backend, it fails to enforce TLS 1.3 cipher suite selections correctly

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

XVIDEOS: Lack of Rate Limiting on Account Creation Endpoint

The account creation process of www.xvideos.red was found to lack proper rate limiting mechanisms on the /account/signinform/premium_tour_login endpoint. This security flaw allowed for automated creat ...

Continue Reading

January 27, 2025

Brave Software: Incorrect security UI of files’ download source on brave MacOS

The incorrect display of the download source in the Brave download alert was identified. Instead of displaying the actual source of the downloaded file, the browser displayed the referrer header value ...

Continue Reading

January 27, 2025

Doppler: Availability Impact from Exploiting Project Name Vulnerabilities

The vulnerability allowed a user to change the project name to a malicious string, which resulted in other users being logged out of their accounts when they attempted to access the project. This led ...

Continue Reading

January 27, 2025

1 268,946 268,947 268,948 268,949 268,950 385,998

Back to Main
Subscribe for the latest news: