curl: Potential XSS vector in curl via unsanitized URL parameter handling

Omise: Facebook Username Takeover via Broken Link in Footer

The Facebook username associated with the broken link in the footer was available for takeover. This could have allowed an attacker to create a fake Facebook page and mislead users into trusting...

WakaTime: Session Replay Attack Allows Authentication Bypass via Captured Login Responses Allowing Bypass of 429 Too many attempts for Multiple Failed Logins

curl: [High] MITM via Insecure CA Path Handling in cURL (`--capath`, `CURLOPT_CAPATH`) (CWE-494: Download of Code Without Integrity Check)

curl: [High] Arbitrary File Write via Path Traversal in cURL CLI (`-o`, `--output`) (CWE-22: Improper Limitation of a Pathname to a Restricted Directory)

Fastify: Remote Code Execution via unsafe usage of `reply.view({ raw })` in @fastify/view (EJS template engine)

The @fastify/view plugin, when used with the EJS engine and the reply.view({ raw: <user-controlled-string> }) pattern, allowed arbitrary EJS execution. This vulnerability arose from the ...

curl: Speculative Execution Side-Channel in `curl`

curl: HTTP/2 CONTINUATION Flood Vulnerability

