AWS VDP: XSS on Amazon Aquisition: elemental

The XSS vulnerability on Amazon's acquisition of Elemental was identified and addressed. The summary provided a brief overview of the...Read More ...

Continue Reading

August 12, 2025

curl: Use After Free (that leads to arbitrary Write for some versions)

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: Use after free (or assert triggered) with failed allocations in openssl

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

Lichess: CSRF at Network feature

A CSRF vulnerability was found in the network feature, where an attacker could change the Network Routing settings by sending a CSRF script to the...Read More ...

Continue Reading

August 12, 2025

curl: Arbitrary File Read via file:// Protocol in cURL

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

MainWP: Reflected XSS in “Create Category” Functionality of Post Creation Module

A reflected Cross-Site Scripting (XSS) vulnerability was identified in the "Create Category" feature of the post creation functionality. When a user entered a malicious JavaScript pa ...

Continue Reading

August 12, 2025

Mozilla: Bypass “No Links” Restriction in Biography via Protocol-Relative URL (//)

The report identifies a bypass vulnerability in the biography field on addons.allizom.org. Despite the application's policy against allowing links, it was possible to embed functional hyperlinks ...

Continue Reading

August 12, 2025

curl: access notes without permission

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

1 32,397 32,398 32,399 32,400 32,401 385,998

Back to Main
Subscribe for the latest news: