73 matches found
TencentOS Server 3: curl (TSSA-2022:0200)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0200 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2025-22925
OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the table parameter at /attendance/AttendanceCodes.php. The remote, authenticated attacker requires the admin role to successfully exploit this vulnerability...
CVE-2025-22925
OS4ED openSIS (v7.0–v9.1) is affected by a SQL injection vulnerability in the /attendance/AttendanceCodes.php endpoint via the table parameter. The flaw requires an authenticated admin to exploit. Impact is high (availability impact stated) with no information on exploitation probability beyond t...
CVE-2024-27339
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-27339 Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-27339
Kofax Power PDF is affected by CVE-2024-27339 due to an out-of-bounds write in PDF file parsing that can allow arbitrary code execution. The flaw stems from insufficient validation of user-supplied data, leading to a write past the end of an allocated buffer. Exploitation requires user interactio...
BELL-CVE-2021-22925 CVE-2021-22925 does not affect BellSoft software
Bulletin has no description...
Ubuntu 16.04 ESM : curl vulnerabilities (USN-5894-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5894-1 advisory. Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized...
SUSE CVE-2021-22925
curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1249)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
EulerOS Virtualization 3.0.2.2 : curl (EulerOS-SA-2023-1249)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to...
Ubuntu: Security Advisory (USN-5021-2)
The remote host is missing an update for the...
Siemens OpenSSL Affecting Industrial Products
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Multiple 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges, disclose...
EulerOS 2.0 SP3 : curl (EulerOS-SA-2022-1711)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this wa...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1711)
The remote host is missing an update for the Huawei EulerOS...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - curl (CVE-2021-22925)
Summary: Security Vulnerabilities affect IBM Cloud Private - curl. Vulnerability Details: CVEID: CVE-2021-22925 DESCRIPTION: cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw in the option parser for sending NEW_ENV variables. By sniffing the network traffic,...
CVE-2021-22925 affecting package curl for versions less than 7.76.0-5
CVE-2021-22925 affecting package curl for versions less than 7.76.0-5. A patched version of the package is available...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1116)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1062)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 3.0.6.6 : curl (EulerOS-SA-2022-1116)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPT_TELNETOPTIONS in...