curl: Use After Free (that leads to arbitrary Write for some versions)

Vulnerability description not...Read More ...

Continue Reading

August 11, 2025

MainWP: Reflected XSS in “Create Category” Functionality of Post Creation Module

A reflected Cross-Site Scripting (XSS) vulnerability was identified in the "Create Category" feature of the post creation functionality. When a user entered a malicious JavaScript pa ...

Continue Reading

August 11, 2025

WakaTime: Double Clickjacking Attack on WakaTime OAuth Authorization Flow at https://wakatime.com/oauth/authorize

The WakaTime OAuth authorization flow was vulnerable to a double-clickjacking attack. The attack allowed an attacker to trick users into unknowingly clicking the "Connect my WakaTime account& ...

Continue Reading

August 11, 2025

Weblate: exposure of personal IP address via email.

The exposure of personal IP addresses through email messages has been identified as a potential security issue. Email messages can pass through multiple servers, which may store or record the content, ...

Continue Reading

August 11, 2025

GitHub: Sample report: Denial of service

The denial of service vulnerability was identified in the system. The vulnerability could have allowed an attacker to disrupt the availability of the system by exhausting its...Read More ...

Continue Reading

August 11, 2025

curl: Failure to strip Proxy-Authorization header on change in origin

Vulnerability description not...Read More ...

Continue Reading

August 11, 2025

curl: Path Traversal in SFTP QUOTE command leads to Arbitrary File Write and potential RCE

Vulnerability description not...Read More ...

Continue Reading

August 11, 2025

Nintendo: Man-in-the-middle through broken SSL certificate verification

The vulnerability allowed an attacker to perform a man-in-the-middle attack by bypassing SSL certificate...Read More ...

Continue Reading

August 11, 2025

1 32,945 32,946 32,947 32,948 32,949 385,998

Back to Main
Subscribe for the latest news: