Nintendo: Man-in-the-middle through broken SSL certificate verification

The vulnerability allowed an attacker to perform a man-in-the-middle attack by bypassing SSL certificate...Read More ...

Continue Reading

August 12, 2025

curl: HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

GitHub: Sample report: Denial of service

The denial of service vulnerability was identified in the system. The vulnerability could have allowed an attacker to disrupt the availability of the system by exhausting its...Read More ...

Continue Reading

August 12, 2025

curl: arbitrary file read via `file://` path traversal with `–path-as-is`

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

AWS VDP: XSS on Amazon Aquisition: elemental

The XSS vulnerability on Amazon's acquisition of Elemental was identified and addressed. The summary provided a brief overview of the...Read More ...

Continue Reading

August 12, 2025

Mozilla: Bypass “No Links” Restriction in Biography via Protocol-Relative URL (//)

The report identifies a bypass vulnerability in the biography field on addons.allizom.org. Despite the application's policy against allowing links, it was possible to embed functional hyperlinks ...

Continue Reading

August 12, 2025

curl: Default Minimum TLS Version Set to TLS v1.0 (Cryptographic Weakness)

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

Lichess: Path Traversal Vulnerability in Lila Project

A path traversal vulnerability was discovered in the Lila project that allowed an attacker to access arbitrary files on the server by manipulating user-supplied input to traverse outside the intended ...

Continue Reading

August 12, 2025

1 32,505 32,506 32,507 32,508 32,509 385,998

Back to Main
Subscribe for the latest news: