curl: Exposure of Hard-coded Private Keys and Credentials in curl Source Repository (CWE-321)

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

HackerOne: Account takeover of existing HackerOne accounts through SCIM provisioning

The SCIM provisioning feature in HackerOne's sandbox program was vulnerable to account takeover. An attacker could create a user with an email they controlled, import existing users, assign the v ...

Continue Reading

August 12, 2025

curl: Insecure WebSocket Usage in curl Documentation and Examples (CWE-319: Cleartext Transmission of Sensitive Information)

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

MainWP: Reflected XSS in “Create Category” Functionality of Post Creation Module

A reflected Cross-Site Scripting (XSS) vulnerability was identified in the "Create Category" feature of the post creation functionality. When a user entered a malicious JavaScript pa ...

Continue Reading

August 12, 2025

curl: Unsafe Global IFS Modification in OS400 Shell Script Enables Command Injection and Parsing Flaws (CWE-78/CWE-20)

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

CVE-2025-8885

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java on All (API modules) allows Excessive Allocation. This vulnerability is as ...

Continue Reading

August 12, 2025

Weblate: exposure of personal IP address via email.

The exposure of personal IP addresses through email messages has been identified as a potential security issue. Email messages can pass through multiple servers, which may store or record the content, ...

Continue Reading

August 12, 2025

curl: Failure to strip Proxy-Authorization header on change in origin

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

1 32,316 32,317 32,318 32,319 32,320 385,998

Back to Main
Subscribe for the latest news: