
20 matches found

OSV
added 6 days ago | 4 views

ROOT-OS-DEBIAN-12-CVE-2025-14524 CVE-2025-14524 in rootio-curl - Patched by Root

Root has patched CVE-2025-14524 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

5.3 CVSS | 5.8 AI score | 0.0004 EPSS
Exploits: 1
IBM Security Bulletins
added 2026/04/15 10:5 p.m. | 11 views

Security Bulletin: Vulnerability impacts AIX due to cURL libcurl (CVE-2025-14524)

Summary: Vulnerability in cURL libcurl might wrongly pass on an OAuth2 bearer token (CVE-2025-14524). AIX uses cURL libcurl as part of rsyslog, LV/PV encryption integration with HPCS and in Live Update for interacting with HMC. Vulnerability Details: CVEID: CVE-2025-14524. DESCRIPTION: When an OAuth2...

5.3 CVSS | 5.8 AI score | 0.0004 EPSS
Exploits: 1 | Affected Software: 1
OpenVAS
added 2026/03/16 12:0 a.m. | 1 view

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2026-1386)

The remote host is missing an update for the Huawei EulerOS...

6.3 CVSS | 5.8 AI score | 0.00098 EPSS
Exploits: 3 | References: 2
OpenVAS
added 2026/03/16 12:0 a.m. | 2 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2026-1355)

The remote host is missing an update for the Huawei EulerOS...

6.3 CVSS | 5.8 AI score | 0.00098 EPSS
Exploits: 3 | References: 2
OpenVAS
added 2026/03/16 12:0 a.m. | 1 view

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2026-1421)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS | 5.8 AI score | 0.00275 EPSS
Exploits: 5 | References: 2
OSV
added 2026/01/08 10:15 a.m. | 1 view

DEBIAN-CVE-2025-14524

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

5.3 CVSS | 5.9 AI score | 0.0004 EPSS
Exploits: 1 | References: 1
SUSE CVE
added 2026/01/08 12:31 a.m. | 1 view

SUSE CVE-2025-14524

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

5.3 CVSS | 6.6 AI score | 0.0004 EPSS
Exploits: 1 | References: 12
OpenVAS
added 2026/01/08 12:0 a.m. | 4 views

openSUSE Security Advisory (SUSE-SU-2026:0050-1)

The remote host is missing an update for the...

5.3 CVSS | 6.8 AI score | 0.00098 EPSS
Exploits: 3 | References: 7
Tenable Nessus
added 2025/08/25 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-14524

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in...

7.8 CVSS | 7.3 AI score | 0.00486 EPSS
Exploits: 1 | References: 2
CVE
added 2020/08/25 1:36 p.m. | 68 views

CVE-2020-14524

CVE-2020-14524 affects Softing Industrial Automation OPC: all versions prior to the latest build of 4.47.0 are vulnerable to a heap-based buffer overflow (CWE-122) that may allow remote code execution. CVSS v3 base score 9.8 (CRITICAL) with NETWORK attack vector, no privileges, no user interactio...

9.8 CVSS | 9.8 AI score | 0.0115 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
OpenVAS
added 2019/08/24 12:0 a.m. | 23 views

openSUSE: Security Advisory for schismtracker (openSUSE-SU-2019:1994-1)

The remote host is missing an update for the...

7.8 CVSS | 7.6 AI score | 0.00486 EPSS
Exploits: 2 | References: 2
OSV
added 2019/08/02 12:15 p.m. | 0 views

DEBIAN-CVE-2019-14524

An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465...

7.8 CVSS | 7.3 AI score | 0.00486 EPSS
Exploits: 1 | References: 1
UbuntuCve
added 2019/08/02 12:15 p.m. | 16 views

CVE-2019-14524

An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465...

7.8 CVSS | 7.3 AI score | 0.00486 EPSS
Exploits: 1 | References: 2
CVE
added 2019/08/02 11:18 a.m. | 124 views

CVE-2019-14524

CVE-2019-14524 is a local, heap-based overflow in Schism Tracker’s MTM loader (fmt_mtm_load_song in fmt/mtm.c) triggered by a large number of song patterns. Affects Schism Tracker up to 20190722. Public advisories (openSUSE GLSA-202107-12 and OpenSUSE-SU-2019:1994) report a fix in patches release...

7.8 CVSS | 7.6 AI score | 0.00486 EPSS
Exploits: 1 | References: 4 | Affected Software: 1
Cvelist
added 2018/07/23 8:0 a.m. | 17 views

CVE-2018-14524

dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free in dwg_free_eed in free.c because it does not properly manage the obj->eed value after a free occurs...

6.4 AI score | 0.00238 EPSS
Exploits: 0 | References: 2
CVE
added 2018/07/23 8:0 a.m. | 42 views

CVE-2018-14524

CVE-2018-14524 affects GNU LibreDWG prior to 0.6, with a double-free in dwg_free_eed due to improper management of obj->eed after free during dwg_decode_eed. Affected component: LibreDWG (C library for DWG handling). Root cause: freeing obj->eed without proper reinitialization/handling. Imp...

6.5 CVSS | 6.3 AI score | 0.00238 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2017/09/28 1:29 a.m. | 0 views

CVE-2017-14524

Multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash)...

6.1 CVSS | 5.9 AI score
Exploits: 0 | References: 2
CVE
added 2017/09/27 5:0 p.m. | 86 views

CVE-2017-14524

OpenText Documentum Administrator 7.2.0180.0055 is vulnerable to multiple open redirect flaws. An attacker can redirect users to malicious sites via (1) the startat parameter in xda/help/en/default.htm or (2) the redirectUrl parameter in xda/component/virtuallinkconnect, enabling phishing or unwa...

6.1 CVSS | 6.3 AI score | 0.01225 EPSS
Exploits: 2 | References: 2 | Affected Software: 2
Packet Storm
added 2017/09/27 12:0 a.m. | 71 views

OpenText Documentum Administrator / Webtop Open Redirection

Title: OpenText Documentum Administrator and Webtop - Open Redirection. Author: Jakub Palaczynski. Date: 24. September 2017. CVE Administrator: CVE-2017-14524. CVE Webtop: CVE-2017-14525. Affected software: Documentum Administrator, Documentum Webtop. Exploit was tested on:...

6.3 AI score | 0.01225 EPSS
Exploits: 2
0day.today
added 2017/09/27 12:0 a.m. | 47 views

OpenText Documentum Administrator / Webtop Open Redirection Vulnerability

OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from an open redirection vulnerability. Title: OpenText Documentum Administrator and Webtop - Open Redirection. Author: Jakub Palaczynski. Date: 24. September 2017. CVE Administrator:...

5.8 CVSS | 6.3 AI score | 0.01225 EPSS
Exploits: 2