Lichess: CSRF at Network feature

A CSRF vulnerability was found in the network feature, where an attacker could change the Network Routing settings by sending a CSRF script to the...Read More ...

Continue Reading

August 12, 2025

WakaTime: Double Clickjacking Attack on WakaTime OAuth Authorization Flow at https://wakatime.com/oauth/authorize

The WakaTime OAuth authorization flow was vulnerable to a double-clickjacking attack. The attack allowed an attacker to trick users into unknowingly clicking the "Connect my WakaTime account& ...

Continue Reading

August 12, 2025

curl: GnuTLS CURLINFO_TLS_SESSION / CURLINFO_TLS_SSL_PTR type confusion

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

GitHub: Sample report: Denial of service

The denial of service vulnerability was identified in the system. The vulnerability could have allowed an attacker to disrupt the availability of the system by exhausting its...Read More ...

Continue Reading

August 12, 2025

curl: OpenSSL HTTP/3 bogus CURLINFO_TLS_SSL_PTR

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: CRLF injection in libcurl’s SMTP client via –mail-from and –mail-rcpt allows SMTP command smuggling

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: Path Traversal in SFTP QUOTE command leads to Arbitrary File Write and potential RCE

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

1 32,475 32,476 32,477 32,478 32,479 385,998

Back to Main
Subscribe for the latest news: