curl: Use-After-Free in OpenSSL Keylog Callback via SSL_get_ex_data() in libcurl

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

Lichess: ImageId Format Injection in Image Upload Endpoint

The image upload endpoint in the Lichess application did not properly validate the 'rel' parameter, allowing an attacker to inject special characters that broke the expected format of the ge ...

Continue Reading

August 12, 2025

Automattic: Woocommerce SQL Injection in WC_Report_Coupon_Usage

A SQL injection vulnerability was found in the WooCommerce plugin version 9.9.3. The vulnerable parameter was 'coupon_codes' in the '/wp-admin/admin.php?page=wc-reports&tab=orde ...

Continue Reading

August 12, 2025

MainWP: Reflected XSS in “Client Notes” Field

A reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" functionality under the Edit Client section. User input in the notes input field was not properly s ...

Continue Reading

August 12, 2025

curl: HTTP Request Smuggling Vulnerability Analysis – cURL Security Report

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: access notes without permission

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: Title: Remote Code Execution (RCE) via Arbitrary Library Loading in `–engine` option

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: Use after free (or assert triggered) with failed allocations in openssl

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

1 32,369 32,370 32,371 32,372 32,373 385,998

Back to Main
Subscribe for the latest news: