Lucene search
K

75 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : curl-7.76.1-26.el9_3.3 (AXSA:2024-7591:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7591:01 advisory. curl: information disclosure by exploiting a mixed case flaw CVE-2023-46218 Tenable has extracted the preceding description block directly from the...

6.5CVSS7.2AI score0.01685EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:30 a.m.49 views

Security Bulletin: IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Real Time Action and Base Module affected by multiple vulnerabilities (CVE-2023-46219, CVE-2023-46218, CVE-2023-52071, CVE-2024-0853)

Summary Vulnerabilities contained within libcurl a 3rd party component were addressed in the IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Realtime Action and Base Modules. Vulnerability Details CVEID:CVE-2023-46219 DESCRIPTION: cURL libcurl could allow a remote...

6.5CVSS8AI score0.01685EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.10 views

Azure Linux 3.0 Security Update: cmake / curl / mysql (CVE-2023-46218)

The version of cmake / curl / mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-46218 advisory. - This flaw allows a malicious HTTP server to set super cookies in curl that are then passed bac...

6.5CVSS6.3AI score0.01685EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2024/11/19 9:24 p.m.15 views

CVE-2023-46218 affecting package cmake for versions less than 3.21.4-13

CVE-2023-46218 affecting package cmake for versions less than 3.21.4-13. A patched version of the package is available...

6.5CVSS6.8AI score0.01685EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/09/23 12:0 a.m.28 views

GLSA-202409-20 : curl: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202409-20 curl: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from th...

8.6CVSS6.6AI score0.36081EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2024/08/30 12:0 a.m.23 views

CBL Mariner 2.0 Security Update: cmake / curl / mysql (CVE-2023-46218)

The version of cmake / curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-46218 advisory. - This flaw allows a malicious HTTP server to set super cookies in curl that are then passed bac...

6.5CVSS6.3AI score0.01685EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/05 8:44 p.m.30 views

Security Bulletin: IBM Storage Ceph is vulnerable to the Insertion of Sensitive Information Into Sent Data in the RHEL UBI (CVE-2023-46218)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-46218. Vulnerability Details CVEID:CVE-2023-46218 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security...

6.5CVSS6.9AI score0.01685EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.25 views

Photon OS 4.0: Curl PHSA-2024-4.0-0623

An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0623. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

6.5CVSS6.8AI score0.01685EPSS
Exploits2References3
CBLMariner
CBLMariner
added 2024/07/22 3:42 p.m.26 views

CVE-2023-46218 affecting package cmake for versions less than 3.29.6-1

CVE-2023-46218 affecting package cmake for versions less than 3.29.6-1. An upgraded version of the package is available that resolves this issue...

6.5CVSS7.2AI score0.01685EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/26 4:23 p.m.41 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty and libcurl may affect IBM Storage Protect Backup-Archive Client

Summary IBM Storage Protect Backup-Archive Client can be affected by security flaws in IBM WebSphere Application Server Liberty and libcurl. The flaws can lead to weaker than expected security for outbound TLS connections and bypass of security restrictions, as described in the "Vulnerability...

6.5CVSS7.1AI score0.01685EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/14 4:27 p.m.41 views

Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management

Summary IBM Storage Copy Data Management can be affected by vulnerabilities in libcurl, cURL and Linux Kernel. Vulnerabilities include an attacker could exploit these vulnerabilities to overflow a buffer and execute arbitrary code on the system, to insert cookies at will into a running program, t...

9.8CVSS9.7AI score0.78483EPSS
Exploits29Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.42 views

EulerOS Virtualization 3.0.6.0 : curl (EulerOS-SA-2024-1677)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions a...

6.5CVSS7.4AI score0.06208EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/04/30 12:0 a.m.43 views

Amazon Linux 2 : curl (ALAS-2024-2531)

The version of curl installed on the remote host is prior to 8.3.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2531 advisory. This flaw allows a malicious HTTP server to set super cookies in curl that are then passed back to more origins than what is otherwise...

6.5CVSS6.4AI score0.01685EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/04/30 12:0 a.m.16 views

Nessus Network Monitor < 6.4.0 Multiple Vulnerabilities (TNS-2024-07)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-07 advisory. - Nessus Network Monitor leverages third-party software to help provide underlying...

6.5CVSS6.6AI score0.01685EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.30 views

Amazon Linux 2023 : curl, curl-minimal, libcurl (ALAS2023-2024-606)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-606 advisory. This flaw allows a malicious HTTP server to set super cookies in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then...

6.5CVSS6.3AI score0.01685EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/23 2:11 p.m.55 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.17 LTS and 11.5.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

7.8CVSS8AI score0.99999EPSS
Exploits24Affected Software1
OpenVAS
OpenVAS
added 2024/04/22 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1524)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01685EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2024/04/22 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1543)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01685EPSS
Exploits2References2
OSV
OSV
added 2024/04/05 2:55 p.m.37 views

RLSA-2024:1601 Moderate: curl security and bug fix update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: information disclosure by exploiting a mixed case flaw CVE-2023-46218 curl: more POST-after-PUT confusion...

6.5CVSS7.4AI score0.06208EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.37 views

AlmaLinux 8 : curl (ALSA-2024:1601)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1601 advisory. - An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback...

6.5CVSS7.4AI score0.06208EPSS
Exploits2References4
Rows per page
Query Builder