Weblate: exposure of personal IP address via email.

The exposure of personal IP address through email was identified as a potential privacy concern. Email messages, even with TLS encryption, can pass through various servers that may store or record the ...

Continue Reading

July 17, 2025

curl: Failure to strip Proxy-Authorization header on change in origin

Vulnerability description not...Read More ...

Continue Reading

July 17, 2025

Lichess: Path Traversal Vulnerability in Lila Project

A path traversal vulnerability was discovered in the Lila project that allowed an attacker to access arbitrary files on the server by manipulating user-supplied input to traverse outside the intended ...

Continue Reading

July 17, 2025

MainWP: Reflected XSS in “Client Notes” Field

A reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" functionality under the Edit Client section. User input in the notes input field was not properly s ...

Continue Reading

July 17, 2025

curl: Arbitrary File Read via Unsanitized curl Usage Results in Sensitive File Exposure

Vulnerability description not...Read More ...

Continue Reading

July 17, 2025

Hemi VDP: WordPress Version Exposure via ███████ on hemi.xyz

The WordPress CMS version was exposed in the XML file at https://hemi.xyz███. This disclosure allowed attackers to fingerprint the CMS...Read More ...

Continue Reading

July 17, 2025

Automattic: Woocommerce SQL Injection in WC_Report_Coupon_Usage

A SQL injection vulnerability was found in the WooCommerce plugin version 9.9.3. The vulnerable parameter was 'coupon_codes' in the '/wp-admin/admin.php?page=wc-reports&tab=orde ...

Continue Reading

July 17, 2025

curl: Sensitive information disclosure with malicious netrc file

Vulnerability description not...Read More ...

Continue Reading

July 17, 2025

1 69,387 69,388 69,389 69,390 69,391 385,998

Back to Main
Subscribe for the latest news: