40 matches found
CVE-2024-28320
Insecure Direct Object References (IDOR) vulnerability in Hospital Management System 1.0 allows attackers to manipulate user parameters for unauthorized access and modifications via crafted POST request to /patient/edit-user.php...
Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-28320)
The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28320 advisory. - A denial of service vulnerability exists in curl v8.1.0 in the way libcurl...
CVE-2022-28320
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2023-28320 affecting package cmake for versions less than 3.21.4-11
CVE-2023-28320 affecting package cmake for versions less than 3.21.4-11. A patched version of the package is available...
Photon OS 5.0: Cmake PHSA-2023-5.0-0035
An update of the cmake package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0035. The text itself is copyright (C) VMware, Inc...
Photon OS 4.0: Curl PHSA-2023-4.0-0426
An update of the curl package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0426. The text itself is copyright (C) VMware, Inc...
CBL Mariner 2.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-28320)
The version of cmake / curl / mysql / rust / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28320 advisory. - A denial of service vulnerability exists in curl v8.1.0 in the way libcurl...
Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management
Summary: IBM Storage Copy Data Management can be affected by vulnerabilities in libcurl, cURL and Linux Kernel. Vulnerabilities include an attacker could exploit these vulnerabilities to overflow a buffer and execute arbitrary code on the system, to insert cookies at will into a running program, t...
CVE-2023-28320 affecting package mysql for versions less than 8.0.34-1
CVE-2023-28320 affecting package mysql for versions less than 8.0.34-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-28320 affecting package rust for versions less than 1.72.0-2
CVE-2023-28320 affecting package rust for versions less than 1.72.0-2. An upgraded version of the package is available that resolves this issue...
BELL-CVE-2023-28320 CVE-2023-28320 does not affect BellSoft software
Bulletin has no description...
CVE-2023-28320 affecting package curl for versions less than 8.2.1-1
CVE-2023-28320 affecting package curl for versions less than 8.2.1-1. An upgraded version of the package is available that resolves this issue...
macOS 11.x < 11.7.9 Multiple Vulnerabilities (HT213845)
The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.7.9. It is, therefore, affected by multiple vulnerabilities: - A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS...
openSUSE 15 Security Update : curl (SUSE-SU-2023:2224-2)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2224-2 advisory. - A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash...
CVE-2023-28320
creationtimestamp | type | source
---|---|---
2023-05-27 14:26:46+00:00 | seen | https://t.me/ctinow/114605...
AZL-26793 CVE-2023-28320 affecting package curl for versions less than 8.2.1-1
A denial of service vulnerability exists in curl v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using alarm and siglongjmp. When doi...
CVE-2023-28320
A denial of service vulnerability exists in curl v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using alarm and siglongjmp. When doi...
CVE-2023-28320
A denial of service vulnerability exists in curl...
CVE-2023-28320
The CVE-2023-28320 issue affects curl/libcurl when built with a synchronous resolver, where name resolution can hang via alarm() and siglongjmp(). It uses a non-mutex-protected global buffer, risking crashes or misbehavior in multi-threaded apps. Affected: curl
Slackware: Security Advisory (SSA:2023-137-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...