Mozilla: Bypass “No Links” Restriction in Biography via Protocol-Relative URL (//)
The report identifies a bypass vulnerability in the biography field on addons.allizom.org. Despite the application's policy against allowing links, it was possible to embed functional hyperlinks ...
Continue Reading
August 12, 2025
curl: Use-After-Free in OpenSSL Keylog Callback via SSL_get_ex_data() in libcurl
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
curl: GnuTLS CURLINFO_TLS_SESSION / CURLINFO_TLS_SSL_PTR type confusion
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
Node.js: Windows Device Names Still Allow Path Traversal in UNC Paths After CVE-2025-27210 Fix
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
curl: Vulnerability Report: Public Exposure of Security Audit File
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
curl: Use after free (or assert triggered) with failed allocations in openssl
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
curl: OS Command Injection in scripts/firefox-db2pem.sh via untrusted certificate nicknames
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
curl: Path Traversal in SFTP QUOTE command leads to Arbitrary File Write and potential RCE
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
Back to Main
