Automattic: Woocommerce SQL Injection in WC_Report_Coupon_Usage

A SQL injection vulnerability was found in the WooCommerce plugin version 9.9.3. The vulnerable parameter was 'coupon_codes' in the '/wp-admin/admin.php?page=wc-reports&tab=orde ...

Continue Reading

August 12, 2025

CVE-2025-8885 Possible DOS in processing specially formed ASN.1 Object Identifiers

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java on All (API modules) allows Excessive Allocation. This vulnerability is as ...

Continue Reading

August 12, 2025

curl: Path Traversal in SFTP QUOTE command leads to Arbitrary File Write and potential RCE

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: Use After Free (that leads to arbitrary Write for some versions)

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

Mozilla: Bypass “No Links” Restriction in Biography via Protocol-Relative URL (//)

The report identifies a bypass vulnerability in the biography field on addons.allizom.org. Despite the application's policy against allowing links, it was possible to embed functional hyperlinks ...

Continue Reading

August 12, 2025

curl: Arbitrary File Read via Unsanitized curl Usage Results in Sensitive File Exposure

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: Vulnerability Report: Public Exposure of Security Audit File

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

1 32,402 32,403 32,404 32,405 32,406 385,998

Back to Main
Subscribe for the latest news: