Lucene search
K

13 matches found

Debian CVE
Debian CVE
added yesterday5 views

CVE-2026-12064

When a user invokes curl using a schemeless URL combined with --proto-default sftp or scp, a disconnect occurs between the tool layer and libcurl. The tool layer incorrectly infers the URL scheme, which erroneously bypasses the initialization of critical SSH security options like...

6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.12 views

Curl 7.81.0 < 8.21.0 Proto-Default Skips SSH Verification

The version of curl installed on the remote host is 7.81.0 prior to 8.21.0. It is, therefore, affected by an improper host validation vulnerability: - When a user invokes curl using a schemeless URL combined with --proto-default sftp, a disconnect occurs that erroneously bypasses the initializati...

5.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-12064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - curl - None Ubuntu Linux - When a user invokes curl using a schemeless URL combined with --proto-default sftp or scp, a disconnect occurs between...

5.9AI score
Exploits0References3
Circl
Circl
added 2025/11/08 5:45 a.m.10 views

CVE-2025-12064

creationtimestamp| type| source ---|---|--- 2025-11-08 05:45:25+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m53vaozrn3k2 2025-11-08 05:47:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m53veejglz2k...

6.1CVSS5.8AI score0.00179EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/09 12:0 a.m.4 views

AlmaLinux 10 : unbound (ALSA-2025:12064)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:12064 advisory. unbound: Unbound Cache poisoning CVE-2025-5994 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

8.7CVSS6.5AI score0.00188EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/04 12:0 a.m.4 views

RockyLinux 10 : unbound (RLSA-2025:12064)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:12064 advisory. unbound: Unbound Cache poisoning CVE-2025-5994 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note that...

8.7CVSS6.5AI score0.00188EPSS
Exploits0References3
OSV
OSV
added 2018/06/08 12:29 p.m.20 views

CVE-2018-12064

tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h...

9.8CVSS9.7AI score
Exploits0References1
Debian CVE
Debian CVE
added 2018/06/08 12:0 p.m.17 views

CVE-2018-12064

tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h...

9.8CVSS9.6AI score0.01275EPSS
Exploits0
Cvelist
Cvelist
added 2018/06/08 12:0 p.m.18 views

CVE-2018-12064

tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h...

9.6AI score0.01275EPSS
Exploits0References1
CVE
CVE
added 2018/06/08 12:0 p.m.43 views

CVE-2018-12064

CVE-2018-12064 affects the tinyexr library, specifically version 0.9.5. The vulnerability is a heap-based buffer over-read in the function tinyexr::ReadChannelInfo (in tinyexr.h), due to improper bounds handling. Affected impact indicates potential exposure of memory contents (out-of-bounds read)...

9.8CVSS9.5AI score0.01275EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2017/08/15 12:0 a.m.26 views

OpenEMR <= 5.0.0 Multiple Vulnerabilities

OpenEMR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:open-emr:openemr"; ifdescription...

8.8CVSS6.6AI score0.15188EPSS
Exploits4References3
Cvelist
Cvelist
added 2017/08/01 5:0 a.m.23 views

CVE-2017-12064

The csvloghtml function in library/edihistory/edihcsvinc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name...

7.6AI score0.01202EPSS
Exploits0References1
CVE
CVE
added 2017/08/01 5:0 a.m.54 views

CVE-2017-12064

The CVE-2017-12064 vulnerability affects OpenEMR 5.0.0 and earlier, arising from the csv_log_html function in library/edihistory/edih_csv_inc.php. Attackers can bypass access restrictions using a specially crafted name, exposing restricted information. Public sources in the connected documents co...

7.5CVSS7.5AI score0.01202EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder