CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2016-9469

Malware in sbrugna...

7.5CVSS7.4AI score0.05915EPSS

Exploits0References20

Tenable Nessus•added 2025/03/04 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2016-8624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '' character, and could instead be...

7.5CVSS7.2AI score0.05915EPSS

Exploits0References2

OSV•added 2024/06/15 12:0 a.m.•18 views

OPENSUSE-SU-2024:10303-1 curl-7.51.0-1.1 on GA media

These are all security issues fixed in the curl-7.51.0-1.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS7.8AI score0.3763EPSS

Exploits12References32

F5 Networks•added 2023/02/21 6:33 p.m.•36 views

K10196624: libcurl vulnerability CVE-2016-8618

Security Advisory Description The libcurl API function called curlmaprintf before version 7.51.0 can be tricked into doing a double-free due to an unsafe sizet multiplication, on systems using 32 bit sizet variables. CVE-2016-8618 Impact A custom monitor or script that calls the curl command may...

9.8CVSS7.5AI score0.04574EPSS

Exploits0Affected Software16

NVD•added 2021/06/01 2:15 p.m.•12 views

CVE-2021-20306

A flaw was found in the BPMN editor in version jBPM 7.51.0.Final. Any authenticated user from any project can see the name of Ruleflow Groups from other projects, despite the user not having access to those projects. The highest threat from this vulnerability is to confidentiality...

4.3CVSS0.00655EPSS

Exploits0References1

OSV•added 2021/06/01 2:15 p.m.•13 views

CVE-2021-20306

4.3CVSS6.4AI score

Exploits0References1

Prion•added 2021/06/01 2:15 p.m.•13 views

Design/Logic Flaw

4CVSS4.3AI score0.00655EPSS

Exploits0References1Affected Software3

Positive Technologies•added 2021/06/01 12:0 a.m.•3 views

PT-2021-13880 · Jbpm · Jbpm

Name of the Vulnerable Software and Affected Versions: jBPM version 7.51.0.Final Description: A flaw in the BPMN editor allows any authenticated user to see the names of Ruleflow Groups from other projects, despite not having access to those projects. This poses a threat to confidentiality...

4.3CVSS4.2AI score0.00655EPSS

Exploits0References3

RedHat Linux•added 2018/11/13 8:36 a.m.•2 views

curl: Double-free in krb5 code

The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free...

9.8CVSS7.3AI score0.04989EPSS

Exploits0References5

RedHat Linux•added 2018/11/13 8:36 a.m.•4 views

curl: Glob parser write/read out of bounds

The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input...

9.8CVSS7.4AI score0.04413EPSS

Exploits0References5

RedHat Linux•added 2018/08/16 4:6 p.m.•3 views

curl: curl_getdate out-of-bounds read

The curlgetdate function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short...

7.5CVSS7.3AI score0.04927EPSS

Exploits0References5

Prion•added 2018/08/01 6:29 a.m.•23 views

Double free

The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free...

7.5CVSS6.7AI score0.04989EPSS

Exploits0References10Affected Software1

OSV•added 2018/08/01 6:29 a.m.•26 views

CVE-2016-8620

The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input...

9.8CVSS6.9AI score0.04413EPSS

Exploits0References8

OSV•added 2018/08/01 6:29 a.m.•2 views

ALPINE-CVE-2016-8616

A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped...

5.9CVSS6.6AI score0.03472EPSS

Exploits0References1

OSV•added 2018/08/01 6:29 a.m.•27 views

CVE-2016-8625

curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host...

7.5CVSS6.8AI score0.04321EPSS

Exploits0References11

OSV•added 2018/08/01 6:29 a.m.•2 views

ALPINE-CVE-2016-8623

A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure...

7.5CVSS6.3AI score0.02602EPSS

Exploits0References1

AlpineLinux•added 2018/08/01 6:0 a.m.•42 views

CVE-2016-8623

A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure...

7.5CVSS6.5AI score0.02602EPSS

Exploits0

NVD•added 2018/07/31 10:29 p.m.•26 views

CVE-2016-8621

The curlgetdate function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short...

7.5CVSS6.3AI score0.04927EPSS

Exploits0References10

Prion•added 2018/07/31 10:29 p.m.•28 views

Out-of-bounds

The curlgetdate function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short...

5CVSS6.7AI score0.04927EPSS

Exploits0References10Affected Software1