curl: CRLF injection in libcurl’s SMTP client via –mail-from and –mail-rcpt allows SMTP command smuggling

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

AWS VDP: XSS on Amazon Aquisition: elemental

The XSS vulnerability on Amazon's acquisition of Elemental was identified and addressed. The summary provided a brief overview of the...Read More ...

Continue Reading

August 05, 2025

HackerOne: Account takeover of existing HackerOne accounts through SCIM provisioning

The SCIM provisioning feature in HackerOne's sandbox program was vulnerable to account takeover. An attacker could create a user with an email they controlled, import existing users, assign the v ...

Continue Reading

August 05, 2025

curl: Arbitrary File Read via Unsanitized curl Usage Results in Sensitive File Exposure

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: Security check up

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

Node.js: Windows Device Names (CON, PRN, AUX) Bypass Path Traversal Protection in path.normalize()

An incomplete fix has been identified for a vulnerability affecting Windows device names in the path.normalize() function in Node.js. The vulnerability allows path traversal protection to be bypassed ...

Continue Reading

August 05, 2025

curl: access notes without permission

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: Sensitive information disclosure with malicious netrc file

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

1 42,037 42,038 42,039 42,040 42,041 385,998

Back to Main
Subscribe for the latest news: