WakaTime: Unauthorized Disclosure of Private Emails via WakaTime Private Leaderboards

The vulnerability allowed unauthorized disclosure of private email addresses of WakaTime users through the private leaderboards feature. The email addresses were exposed to leaderboard creators and me ...

Continue Reading

September 14, 2025

curl: Stack use-after-scope in HTTP/3 POST request processing via CURLOPT_POSTFIELDS

Vulnerability description not...Read More ...

Continue Reading

September 14, 2025

curl: Use After Free (that leads to arbitrary Write for some versions)

Vulnerability description not...Read More ...

Continue Reading

September 14, 2025

WakaTime: Double Clickjacking Attack on WakaTime OAuth Authorization Flow at https://wakatime.com/oauth/authorize

The WakaTime OAuth authorization flow was vulnerable to a double-clickjacking attack. The attack allowed an attacker to trick users into unknowingly clicking the "Connect my WakaTime account& ...

Continue Reading

September 14, 2025

AWS VDP: AWS | Self Registration Internal LibreChat : Access to internal/proprietary LLMs

Vulnerability description not...Read More ...

Continue Reading

September 14, 2025

GitHub: Sample report: Denial of service

The denial of service vulnerability was identified in the system. The vulnerability could have allowed an attacker to disrupt the availability of the system by exhausting its...Read More ...

Continue Reading

September 14, 2025

curl: Path Traversal in SFTP QUOTE command leads to Arbitrary File Write and potential RCE

Vulnerability description not...Read More ...

Continue Reading

September 14, 2025

curl: Title: Remote Code Execution (RCE) via Arbitrary Library Loading in `–engine` option

Vulnerability description not...Read More ...

Continue Reading

September 14, 2025

1 2 3 4 5 6 385,998

Back to Main
Subscribe for the latest news: