curl: CVE-2025-5399: WebSocket endless loop

The function curl_ws_send() in libcurl contains an infinite loop that can be triggered by a malicious server under specific circumstances. The loop is caused by a condition in the code that is not pro ...

Continue Reading

August 05, 2025

curl: Disk Space Exhaustion leading to a Denial of Service (DoS)

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

HackerOne: Account takeover of existing HackerOne accounts through SCIM provisioning

The SCIM provisioning feature in HackerOne's sandbox program was vulnerable to account takeover. An attacker could create a user with an email they controlled, import existing users, assign the v ...

Continue Reading

August 05, 2025

curl: Exposure of Private RSA Private Key in curl GitHub Repository

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

MainWP: Reflected XSS in “Manage Tags” Notes Field

A reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" input field under the Manage Tags section. Arbitrary input entered into this field was reflected ba ...

Continue Reading

August 05, 2025

curl: CVE-2025-5025: No QUIC certificate pinning with wolfSSL

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: OpenSSL HTTP/3 bogus CURLINFO_TLS_SSL_PTR

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: arbitrary file read via `file://` path traversal with `–path-as-is`

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

1 42,388 42,389 42,390 42,391 42,392 385,998

Back to Main
Subscribe for the latest news: