Informatica: EXIF metadata not stripped from profile image

The EXIF metadata was not stripped from the profile images uploaded to the platform. This could have resulted in the disclosure of location or other personal information associated with the uploaded.. ...

Continue Reading

July 17, 2025

Node.js: HashDoS in V8

The V8 release used in Node.js v24.0.0 changed how string hashes were computed using rapidhash. This implementation reintroduced the HashDoS vulnerability, where an attacker who could control the stri ...

Continue Reading

July 17, 2025

curl: curl_easy_header runs at O(N) or worse and can be abused to use minute(s) of CPU time

Vulnerability description not...Read More ...

Continue Reading

July 17, 2025

curl: CRLF Injection in `–proxy-header` allows extra HTTP headers (CWE-93)

Vulnerability description not...Read More ...

Continue Reading

July 17, 2025

curl: curl -OJ allows creating custom .curlrc file which allows exfiltrating private data, among other things

Vulnerability description not...Read More ...

Continue Reading

July 17, 2025

Tools for Humanity: Unlock underage blocked app without support interaction using airplane mode

The vulnerability allowed users to bypass the support requirement to unlock their blocked accounts in the iOS app. By changing the date of birth to an underage value, the app would lock the account an ...

Continue Reading

July 17, 2025

curl: Memory Leak

Vulnerability description not...Read More ...

Continue Reading

July 17, 2025

Mars: [XSS] Reflected XSS via POST request in (███████)

A reflected Cross-Site Scripting (XSS) vulnerability was identified in the celular parameter of a POST request to the homepage of a Mars-owned website. The vulnerability was classified as medium sever ...

Continue Reading

July 17, 2025

1 69,077 69,078 69,079 69,080 69,081 385,998

Back to Main
Subscribe for the latest news: