The vulnerability in the Undici library involves the use of an unsafe random function to choose the boundary for a multipart/form-data request. The use of Math.random() to generate this boundary can b ...
Continue Reading
January 27, 2025
The Capabilites implementation in CosmWasm contracts was found to have a vulnerability. Even if the executing chain did not allow a specific capability, a CosmWasm contract could still execute actions ...
Continue Reading
January 27, 2025
The incorrect display of the download source in the Brave download alert was identified. Instead of displaying the actual source of the downloaded file, the browser displayed the referrer header value ...
Continue Reading
January 27, 2025
The vulnerability on a TikTok endpoint that allowed unauthorized viewing of videos from private accounts was discovered and reported by @datph4m. The issue was subsequently...Read More ...
Continue Reading
January 27, 2025
The security researcher found a reflected cross-site scripting (XSS) vulnerability on the www.████████.mil website. The vulnerability was demonstrated using a proof-of-concept link tha ...
Continue Reading
January 27, 2025
Vulnerability description not...Read More ...
Continue Reading
January 27, 2025
CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize() A vulnerability was reported in the Django web framework's urlize() function, which could lead to a denial-of-service att ...
Continue Reading
January 27, 2025
A potential risk was found in the cloudFrontExtensionsConsole when it was deployed in the awslabs repository on GitHub. The functions created by the application had excessive permissions that could be ...
Continue Reading
January 27, 2025
Back to Main
