54 matches found
MiracleLinux 9 : curl-7.76.1-19.el9 (AXSA:2023-4690:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4690:01 advisory. curl: bad local IPv6 connection reuse (CVE-2022-27775). Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2022-27775)
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0: by using an IPv6 address that was in the connection pool but with a different zone id, it could reuse a connection instead. This plugin only works with Tenable.ot. Please visit...
K000156724: ImageMagick vulnerabilities CVE-2020-27773, CVE-2020-27774, CVE-2020-27775, CVE-2020-27776, and CVE-2020-27829
Security Advisory Description: CVE-2020-27773: A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char or division by zero. Thi...
CVE-2025-27775
creationtimestamp| type| source
---|---|---
2025-03-19 23:00:28+00:00| seen| https://t.me/cvedetector/20677
2025-03-20 00:49:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkri2jvaw42m
2025-03-20 19:18:22+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8...
CVE-2025-27775
Applio is a voice conversion tool. Versions 3.2.7 and prior are vulnerable to server-side request forgery (SSRF) and file write in model_download.py (line 143 in 3.2.7). The blind SSRF allows for sending requests on behalf of Applio server and can be leveraged to probe for other vulnerabilities on the...
CVE-2025-27775 Applio allows SSRF and file write in model_download.py
Applio is a voice conversion tool. Versions 3.2.7 and prior are vulnerable to server-side request forgery (SSRF) and file write in model_download.py (line 143 in 3.2.7). The blind SSRF allows for sending requests on behalf of Applio server and can be leveraged to probe for other vulnerabilities on the...
CVE-2025-27775
CVE-2025-27775 affects Applio (voice conversion tool), versions 3.2.7 and earlier. The vulnerability is a server-side request forgery (SSRF) and file write in model_download.py (line 143 in 3.2.7). The blind SSRF allows requests to be sent on behalf of the Applio server to internal or reacha...
Linux Distros Unpatched Vulnerability : CVE-2020-27775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavio...
CVE-2023-27775
creationtimestamp| type| source
---|---|---
2025-02-08 06:03:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3870...
Ubuntu: Security Advisory (USN-7068-1)
The remote host is missing an update for the...
Photon OS 3.0: Curl PHSA-2022-3.0-0406
An update of the curl package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0406...
Photon OS 4.0: Curl PHSA-2022-4.0-0205
An update of the curl package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0205...
CVE-2024-27775
SysAid before version 23.2.14 b18 - CWE-918: Server-Side Request Forgery (SSRF) may allow exposing the local OS user's NTLMv2 hash...
CVE-2023-27775
A stored HTML injection vulnerability in LiveAction LiveSP v21.1.2 allows attackers to execute arbitrary code via a crafted payload...
CVE-2023-27775
CVE-2023-27775 is a stored HTML injection vulnerability in LiveAction LiveSP v21.1.2 that allows an attacker to execute arbitrary code via a crafted payload. The available documents indicate the issue is exploitable with network access and requires user interaction, with a CVSS v3.1 base score of...
Security Bulletin: IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint has addressed multiple security vulnerabilities (CVE-2022-27774, CVE-2022-27775, CVE-2022-27776)
Summary: This Security Bulletin addresses security vulnerabilities that have been remediated in IBM Aspera High-Speed Transfer Server 4.4.1 and Aspera High-Speed Transfer Endpoint 4.4.1. Vulnerability Details: CVEID: CVE-2022-27774. DESCRIPTION: cURL libcurl could allow a remote attacker to obtain...
Western Digital My Cloud Multiple Products 5.x < 5.25.124 Multiple Vulnerabilities (WDC-22019)
Multiple Western Digital My Cloud products are prone to multiple vulnerabilities...
Oracle Linux 9 : curl (ELSA-2022-8299)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-8299 advisory. - fix unpreserved file permissions (CVE-2022-32207) - fix HTTP compression denial of service (CVE-2022-32206) - fix FTP-KRB bad message verification (CVE-2022-32208) ...
AlmaLinux 9 : curl (ALSA-2022:8299)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:8299 advisory. - An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0: by using an IPv6 address that was in the connection pool but with a...