Hemi VDP: WordPress Version Exposure via ███████ on hemi.xyz

The WordPress CMS version was exposed in the XML file at https://hemi.xyz███. This disclosure allowed attackers to fingerprint the CMS...Read More ...

Continue Reading

August 12, 2025

curl: Disk Space Exhaustion leading to a Denial of Service (DoS)

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

MainWP: Reflected XSS in “Client Notes” Field

A reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" functionality under the Edit Client section. User input in the notes input field was not properly s ...

Continue Reading

August 12, 2025

HackerOne: Account takeover of existing HackerOne accounts through SCIM provisioning

The SCIM provisioning feature in HackerOne's sandbox program was vulnerable to account takeover. An attacker could create a user with an email they controlled, import existing users, assign the v ...

Continue Reading

August 12, 2025

curl: Exposure of Private RSA Private Key in curl GitHub Repository

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: access notes without permission

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: Credential leak on redirect due to improper state clearing when parsing macdef in netrc.c

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

Node.js: Windows Device Names Still Allow Path Traversal in UNC Paths After CVE-2025-27210 Fix

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

1 32,555 32,556 32,557 32,558 32,559 385,998

Back to Main
Subscribe for the latest news: