13 matches found
CVE-2026-12064
When a user invokes curl using a schemeless URL combined with --proto-default sftp or scp, a disconnect occurs between the tool layer and libcurl. The tool layer incorrectly infers the URL scheme, which erroneously bypasses the initialization of critical SSH security options like...
Curl 7.81.0 < 8.21.0 Proto-Default Skips SSH Verification
The version of curl installed on the remote host is 7.81.0 prior to 8.21.0. It is, therefore, affected by an improper host validation vulnerability: - When a user invokes curl using a schemeless URL combined with --proto-default sftp, a disconnect occurs that erroneously bypasses the initializati...
Linux Distros Unpatched Vulnerability : CVE-2026-12064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - curl - None Ubuntu Linux - When a user invokes curl using a schemeless URL combined with --proto-default sftp or scp, a disconnect occurs between...
CVE-2025-12064
creationtimestamp| type| source ---|---|--- 2025-11-08 05:45:25+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m53vaozrn3k2 2025-11-08 05:47:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m53veejglz2k...
AlmaLinux 10 : unbound (ALSA-2025:12064)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:12064 advisory. unbound: Unbound Cache poisoning CVE-2025-5994 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...
RockyLinux 10 : unbound (RLSA-2025:12064)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:12064 advisory. unbound: Unbound Cache poisoning CVE-2025-5994 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note that...
CVE-2018-12064
tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h...
CVE-2018-12064
tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h...
CVE-2018-12064
tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h...
CVE-2018-12064
CVE-2018-12064 affects the tinyexr library, specifically version 0.9.5. The vulnerability is a heap-based buffer over-read in the function tinyexr::ReadChannelInfo (in tinyexr.h), due to improper bounds handling. Affected impact indicates potential exposure of memory contents (out-of-bounds read)...
OpenEMR <= 5.0.0 Multiple Vulnerabilities
OpenEMR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:open-emr:openemr"; ifdescription...
CVE-2017-12064
The csvloghtml function in library/edihistory/edihcsvinc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name...
CVE-2017-12064
The CVE-2017-12064 vulnerability affects OpenEMR 5.0.0 and earlier, arising from the csv_log_html function in library/edihistory/edih_csv_inc.php. Attackers can bypass access restrictions using a specially crafted name, exposing restricted information. Public sources in the connected documents co...