WakaTime: Session Replay Attack Allows Authentication Bypass via Captured Login Responses Allowing Bypass of 429 Too many attempts for Multiple Failed Logins

Vulnerability description not...Read More ...

Continue Reading

July 07, 2025

curl: [High] MITM via Insecure CA Path Handling in cURL (–capath, CURLOPT_CAPATH) (CWE-494: Download of Code Without Integrity Check)

Vulnerability description not...Read More ...

Continue Reading

July 07, 2025

curl: [High] Arbitrary File Write via Path Traversal in cURL CLI (`-o`, `–output`) (CWE-22: Improper Limitation of a Pathname to a Restricted Directory)

Vulnerability description not...Read More ...

Continue Reading

July 07, 2025

Fastify: Remote Code Execution via unsafe usage of `reply.view({ raw })` in @fastify/view (EJS template engine)

The @fastify/view plugin, when used with the EJS engine and the reply.view({ raw: <user-controlled-string> }) pattern, allowed arbitrary EJS execution. This vulnerability arose from the ...

Continue Reading

July 07, 2025

curl: Speculative Execution Side-Channel in `curl`

Vulnerability description not...Read More ...

Continue Reading

July 07, 2025

curl: HTTP/2 CONTINUATION Flood Vulnerability

Vulnerability description not...Read More ...

Continue Reading

July 07, 2025

curl: HTTP/3 Stream Dependency Cycle Exploit

Vulnerability description not...Read More ...

Continue Reading

July 07, 2025

Informatica: EXIF metadata not stripped from profile image

The EXIF metadata was not stripped from the profile images uploaded to the platform. This could have resulted in the disclosure of location or other personal information associated with the uploaded.. ...

Continue Reading

July 07, 2025

1 83,156 83,157 83,158 83,159 83,160 385,998

Back to Main
Subscribe for the latest news: