CVE-2026-0853

Certain NVR models developed by A-Plus Video Technologies has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access the debug page and obtain device status information...

CVE-2026-0853 A-Plus Video Technologies｜NVR - Sensitive Data Exposure

Certain NVR models developed by A-Plus Video Technologies has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access the debug page and obtain device status information...

CVE-2026-0853

creationtimestamp| type| source ---|---|--- 2026-01-12 03:13:00+00:00| seen| https://www.twcert.org.tw/en/cp-139-10621-55584-2.html 2026-01-12 05:59:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mc7edla2uo2y...

CVE-2020-0853

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'...

WordPress PGS Core plugin <= 5.8.0 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by István Márton in WordPress Plugin PGS Core versions = 5.8.0...

CVE-2025-0853

creationtimestamp| type| source ---|---|--- 2025-05-07 00:02:57+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lok3qtsgobl2 2025-05-07 02:21:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lokdlfffsl2p 2025-05-07...

CVE-2025-0853 PGS Core <= 5.8.0 - Unauthenticated SQL Injection

The PGS Core plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'saveheaderbuilder' function in all versions up to, and including, 5.8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

Security Bulletin: IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Real Time Action and Base Module affected by multiple vulnerabilities (CVE-2023-46219, CVE-2023-46218, CVE-2023-52071, CVE-2024-0853)

Summary Vulnerabilities contained within libcurl a 3rd party component were addressed in the IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Realtime Action and Base Modules. Vulnerability Details CVEID:CVE-2023-46219 DESCRIPTION: cURL libcurl could allow a remote...

Multiple CURL vulnerabilities in Brocade SANnav OVA deployments before SANnav 2.3.1b

Multiple CURL vulnerabilities Curl 7.44.0 8.7.0 vulnerabilities CVE-2024-2398, CVE-2024-2466, CVE-2024-2004 & CVE-2024-0853 Curl 7.44.0 8.7.0 HTTP/2 Push Headers Memory-leak CVE-2024-2398 Curl 7.85.0 8.7.0 Input Misinterpretation CVE-2024-2004 Curl 7.85.0 8.7.0 Input Misinterpretation CVE-2024-20...

Azure Linux 3.0 Security Update: curl (CVE-2024-0853)

The version of curl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0853 advisory. - curl inadvertently kept the SSL session ID for connections in its cache even when the verify status OCSP stapli...

GLSA-202409-20 : curl: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202409-20 curl: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from th...

CBL Mariner 2.0 Security Update: curl (CVE-2024-0853)

The version of curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0853 advisory. - curl inadvertently kept the SSL session ID for connections in its cache even when the verify status OCSP stapli...

CVE-2024-0853 affecting package curl for versions less than 8.8.0-1

CVE-2024-0853 affecting package curl for versions less than 8.8.0-1. An upgraded version of the package is available that resolves this issue...

Oracle MySQL Cluster 8.0.x < 8.0.37 (Apr 2024 / Jul 2024 CPU)

The versions of MySQL Cluster installed on the remote host are affected by multiple vulnerabilities as referenced in the April / July 2024 CPU advisory. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General LibExpat. Supported versions that are affected are 8.0....

AIX is vulnerable to security restrictions bypass due to cURL libcurl (CVE-2024-0853)

IBM SECURITY ADVISORY First Issued: Thu Jun 20 15:10:42 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/curladvisory5.asc Security Bulletin: AIX is vulnerable to security restrictions bypass due to cURL libcurl CVE-2024-0853...

Amazon Linux 2023 : curl, curl-minimal, libcurl (ALAS2023-2024-581)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-581 advisory. A flaw was found in Curl, where it inadvertently kept the SSL session ID for connections in its cache even when the verify status, OCSP stapling test, failed. A subsequent transfer to the same hostname...

Low: curl

Issue Overview: A flaw was found in Curl, where it inadvertently kept the SSL session ID for connections in its cache even when the verify status, OCSP stapling test, failed. A subsequent transfer to the same hostname could succeed if the session ID cache were still fresh, which then skips the...

FreeBSD : curl -- OCSP verification bypass with TLS session reuse (02e33cd1-c655-11ee-8613-08002784c58d)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 02e33cd1-c655-11ee-8613-08002784c58d advisory. - curl inadvertently kept the SSL session ID for connections in its cache even when the verify status...

CVE-2024-0853 vulnerabilities

Vulnerabilities for packages: curl...

CVE-2024-0853 vulnerabilities

Vulnerabilities for packages: curl...