Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.6 views

Siemens SCALANCE and RUGGEDCOM Buffer Over-read (CVE-2024-6874)

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

4.3CVSS6.7AI score0.00786EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2025/09/15 12:0 a.m.2 views

SUSE: Security Advisory (SUSE-SU-2025:03198-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.01301EPSS
Exploits7References13
SUSE Linux
SUSE Linux
added 2025/09/12 12:15 p.m.5 views

Security update for curl

This update for curl fixes the following issues: Update to version 8.14.1 jscPED-13055, jscPED-13056. Security issues fixed: CVE-2025-0665: eventfd double close can cause libcurl to act unreliably bsc1236589. CVE-2025-4947: QUIC certificate check is skipped with wolfSSL allows for MITM attacks...

8.3CVSS7.6AI score0.01301EPSS
Exploits7References36
CBLMariner
CBLMariner
added 2025/03/13 3:8 p.m.43 views

CVE-2024-6874 affecting package curl for versions less than 8.8.0-1

CVE-2024-6874 affecting package curl for versions less than 8.8.0-1. A patched version of the package is available...

4.3CVSS4.7AI score0.00786EPSS
Exploits1
CBLMariner
CBLMariner
added 2024/10/01 6:58 p.m.29 views

CVE-2024-6874 affecting package cmake for versions less than 3.30.3-2

CVE-2024-6874 affecting package cmake for versions less than 3.30.3-2. A patched version of the package is available...

4.3CVSS4.7AI score0.00786EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.59 views

Tenable Security Center Multiple Vulnerabilities (TNS-2024-13)

According to its self-reported version, the Tenable Security Center running on the remote host is 6.2.1, 6.3.0 or 6.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-13 advisory. - Security Center leverages third-party software to help provide underlying...

9.8CVSS7.5AI score0.99957EPSS
Exploits14References19
CBLMariner
CBLMariner
added 2024/08/05 3:22 a.m.36 views

CVE-2024-6874 affecting package curl for versions less than 8.8.0-1

CVE-2024-6874 affecting package curl for versions less than 8.8.0-1. A patched version of the package is available...

4.3CVSS4.7AI score0.00786EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2024/07/25 6:41 a.m.28 views

CVE-2024-6874

A buffer overread vulnerability was found in Curl's URL API function curlurlget. This issue allows a remote attacker to obtain sensitive information due to a punycode buffer overread flaw. By sending a specially crafted request, an attacker can gain sensitive information and potentially launch...

5.3CVSS6.4AI score0.00786EPSS
Exploits1References6
Circl
Circl
added 2024/07/24 10:47 a.m.4 views

CVE-2024-6874

creationtimestamp| type| source ---|---|--- 2024-07-24 10:47:44+00:00| seen| https://t.me/cvedetector/1548 2026-02-12 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-043-06 2026-05-11 12:23:09+00:00| seen|...

4.3CVSS6.8AI score0.00786EPSS
Exploits1References3
OSV
OSV
added 2024/07/24 8:15 a.m.8 views

AZL-49664 CVE-2024-6874 affecting package cmake for versions less than 3.30.3-2

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

4.3CVSS7.3AI score0.00786EPSS
Exploits1References1
OSV
OSV
added 2024/07/24 8:15 a.m.7 views

AZL-47020 CVE-2024-6874 affecting package curl for versions less than 8.8.0-1

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

4.3CVSS7.3AI score0.00786EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2024/07/24 7:36 a.m.33 views

CVE-2024-6874

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

4.3CVSS7AI score0.00786EPSS
Exploits1
Cvelist
Cvelist
added 2024/07/24 7:36 a.m.38 views

CVE-2024-6874 macidn punycode buffer overread

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

0.00786EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/07/24 7:36 a.m.26 views

CVE-2024-6874 macidn punycode buffer overread

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

6.5AI score0.00786EPSS
Exploits1References4
OSV
OSV
added 2024/07/24 7:36 a.m.26 views

CVE-2024-6874 macidn punycode buffer overread

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

3.1CVSS6.8AI score0.00786EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2024/07/24 12:0 a.m.31 views

CVE-2024-6874

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

4.3CVSS6.9AI score0.00786EPSS
Exploits1References2
Hacker One
Hacker One
added 2024/07/16 2:7 a.m.62 views

curl: CVE-2024-6874: macidn punycode buffer overread

The libcurl at commit 58772b0e082eda333e0a5fc8fb0bc7f17a3cd99c contained a stack-buffer overread in the function macidntoascii that could be triggered when the host of a URL was converted to punycode. The root cause was in the function uidnanameToASCIIUTF8, which left the output buffer unterminat...

4.3CVSS4.7AI score0.00786EPSS
Exploits1
Rows per page
Query Builder