Mozilla: Bypass “No Links” Restriction in Biography via Protocol-Relative URL (//)

The report identifies a bypass vulnerability in the biography field on addons.allizom.org. Despite the application's policy against allowing links, it was possible to embed functional hyperlinks ...

WakaTime: Unauthorized Disclosure of Private Emails via WakaTime Private Leaderboards

The vulnerability allowed unauthorized disclosure of private email addresses of WakaTime users through the private leaderboards feature. The email addresses were exposed to leaderboard creators and me ...

curl: Vulnerability Report: Local File Disclosure via file:// Protocol in cURL

Vulnerability description not...

GHSA-PWH4-6R3M-J2RF PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter

Summary: The parameter add_links in the API /json/add_package is vulnerable to SQL Injection. SQL injection vulnerabilities can lead to sensitive data leakage. Details: Affected file: https://github.c ...

GHSA-3R4F-MM4W-WGG6

creation_timestamp | type | source
---|---|---
2025-08-12 02:12:37+00:00 | seen | ...

GHSA-5FG8-WVX3-583X

creation_timestamp | type | source
---|---|---
2025-08-12 02:12:37+00:00 | seen | ...

CVE-2025-42946

creation_timestamp | type | source
---|---|---
2025-08-12 02:43:09+00:00 | seen | ...

CVE-2025-42945

creation_timestamp | type | source
---|---|---
2025-08-12 02:43:09+00:00 | seen | ...
