curl: Failure to strip Proxy-Authorization header on change in origin

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: CVE-2025-5399: WebSocket endless loop

The function curl_ws_send() in libcurl contains an infinite loop that can be triggered by a malicious server under specific circumstances. The loop is caused by a condition in the code that is not pro ...

Continue Reading

August 05, 2025

AWS VDP: XSS on Amazon Aquisition: elemental

The XSS vulnerability on Amazon's acquisition of Elemental was identified and addressed. The summary provided a brief overview of the...Read More ...

Continue Reading

August 05, 2025

curl: CVE-2025-5025: No QUIC certificate pinning with wolfSSL

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: Arbitrary File Read via file:// Protocol in cURL

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

Lichess: Path Traversal Vulnerability in Lila Project

A path traversal vulnerability was discovered in the Lila project that allowed an attacker to access arbitrary files on the server by manipulating user-supplied input to traverse outside the intended ...

Continue Reading

August 05, 2025

Mozilla: Bypass “No Links” Restriction in Biography via Protocol-Relative URL (//)

The report identifies a bypass vulnerability in the biography field on addons.allizom.org. Despite the application's policy against allowing links, it was possible to embed functional hyperlinks ...

Continue Reading

August 05, 2025

curl: Sensitive information disclosure with malicious netrc file

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

1 42,326 42,327 42,328 42,329 42,330 385,998

Back to Main
Subscribe for the latest news: