curl: Use-After-Free in OpenSSL Keylog Callback via SSL_get_ex_data() in libcurl

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

Lichess: Server-Side Request Forgery (SSRF) via Game Export API

The Lichess game export API was found to be vulnerable to Server-Side Request Forgery (SSRF) due to insufficient input validation of the "players" parameter. This allowed an attacker ...

Continue Reading

August 05, 2025

Lichess: Path Traversal Vulnerability in Lila Project

A path traversal vulnerability was discovered in the Lila project that allowed an attacker to access arbitrary files on the server by manipulating user-supplied input to traverse outside the intended ...

Continue Reading

August 05, 2025

curl: arbitrary file read via `file://` path traversal with `–path-as-is`

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: OpenSSL HTTP/3 bogus CURLINFO_TLS_SSL_PTR

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: Arbitrary File Read via file:// Protocol in cURL

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

MainWP: Reflected XSS in “Client Notes” Field

A reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" functionality under the Edit Client section. User input in the notes input field was not properly s ...

Continue Reading

August 05, 2025

curl: CVE-2025-5399: WebSocket endless loop

The function curl_ws_send() in libcurl contains an infinite loop that can be triggered by a malicious server under specific circumstances. The loop is caused by a condition in the code that is not pro ...

Continue Reading

August 05, 2025

1 42,451 42,452 42,453 42,454 42,455 385,998

Back to Main
Subscribe for the latest news: