Lucene search
K

51 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.9 views

Alibaba Cloud Linux 3 : 0070: curl (ALINUX3-SA-2021:0070)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0070 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-22922: When curl is instructed to...

6.5CVSS6.3AI score0.0627EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2023/04/11 12:0 a.m.32 views

Siemens Industrial Devices using libcurl Use After Free (CVE-2021-22924)

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...

4.3CVSS6.2AI score0.0627EPSS
Exploits1References18
OpenVAS
OpenVAS
added 2022/12/19 12:0 a.m.19 views

Western Digital My Cloud Multiple Products 5.x < 5.25.124 Multiple Vulnerabilities (WDC-22019)

Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

9.8CVSS7.4AI score0.3197EPSS
Exploits14References2
Debian
Debian
added 2022/08/28 11:0 p.m.112 views

[SECURITY] [DLA 3085-1] curl security update

Debian LTS Advisory DLA-3085-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 29, 2022 https://wiki.debian.org/LTS Package : curl Version : 7.64.0-4+deb10u3 CVE ID : CVE-2021-22898 CVE-2021-22924 CVE-2021-22946 CVE-2021-22947 CVE-2022-22576 CVE-2022-27776...

8.1CVSS6.8AI score0.3197EPSS
Exploits10
Debian
Debian
added 2022/08/01 4:58 p.m.199 views

[SECURITY] [DSA 5197-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5197-1 [email protected] https://www.debian.org/security/ Markus Koschany August 01, 2022 https://www.debian.org/security/faq -...

9.8CVSS8.1AI score0.3197EPSS
Exploits15
ICS
ICS
added 2022/06/14 12:0 a.m.149 views

Siemens OpenSSL Affecting Industrial Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Remote Connect Server Vulnerabilities: Multiple 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges, disclose...

9.8CVSS8.6AI score0.34174EPSS
Exploits7References12
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/22 2:34 p.m.34 views

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - curl (CVE-2021-22924)

Summary Security Vulnerabilities affect IBM Cloud Private - curl Vulnerability Details CVEID: CVE-2021-22924 DESCRIPTION: An unspecified error with bad connection reused due to improper path name validation in cURL libcurl has an unknown impact and attack vector. CVSS Base score: 5.3 CVSS Tempora...

4.3CVSS0.8AI score0.0627EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/04/14 12:0 a.m.39 views

RHEL 7 : rh-dotnet31-curl (RHSA-2022:1354)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1354 advisory. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

7.5CVSS6.9AI score0.0627EPSS
Exploits4References11
CBLMariner
CBLMariner
added 2022/04/09 6:51 a.m.17 views

CVE-2021-22924 affecting package curl for versions less than 7.76.0-5

CVE-2021-22924 affecting package curl for versions less than 7.76.0-5. A patched version of the package is available...

4.3CVSS6.3AI score0.0627EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/02/13 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1062)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6AI score0.0627EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2021-0384)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.0627EPSS
Exploits4References8
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/20 10:43 p.m.137 views

Security Bulletin: IBM MaaS360 Cloud Extender and Modules have various vulnerabilities (CVE-2021-22924, CVE-2021-3712)

Summary A vulnerability contained within a 3rd party component was identified and remediated in the IBM MaaS360 Cloud Extender Agent V2.106.100.008 and Modules. Vulnerability Details CVEID: CVE-2021-22924 DESCRIPTION: An unspecified error with bad connection reused due to improper path name...

7.4CVSS6.4AI score0.50445EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/22 3:42 p.m.44 views

Security Bulletin: Vulnerability in libcURL affect IBM Rational ClearCase ( CVE-2021-22924)

Summary libcURL vulnerabilities were disclosed by the libcURL Project. libcURL is used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-22924 DESCRIPTION: An unspecified error with bad connection reused due to improper path...

4.3CVSS6.1AI score0.0627EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2021/11/17 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2769)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.1AI score0.0982EPSS
Exploits5References2
Oracle linux
Oracle linux
added 2021/11/16 12:0 a.m.57 views

curl security and bug fix update

7.61.1-22 - fix STARTTLS protocol injection via MITM CVE-2021-22947 - fix protocol downgrade required TLS bypass CVE-2021-22946 7.61.1-21 - fix TELNET stack contents disclosure again CVE-2021-22925 - fix TELNET stack contents disclosure CVE-2021-22898 - fix bad connection reuse due to flawed path...

7.5CVSS6.5AI score0.0627EPSS
Exploits8
OpenVAS
OpenVAS
added 2021/11/12 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2707)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.0982EPSS
Exploits5References2
OSV
OSV
added 2021/10/22 5:8 p.m.8 views

CLSA-2021-1634922534 Fixed CVE-2021-22924 in curl

fix connection reuse checks for issuer cert and case sensitivity CVE-2021-22924...

4.3CVSS6.6AI score0.0627EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2021/10/22 12:0 a.m.31 views

Oracle MySQL Server <= 5.7.35 / 8.0 <= 8.0.26 Security Update (cpuoct2021) - Linux

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

9.8CVSS7.4AI score0.87816EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2021/09/22 12:0 a.m.30 views

Fedora: Security Advisory for curl (FEDORA-2021-c5584b92d4)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS6.8AI score0.0627EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2021/09/22 12:0 a.m.39 views

CentOS 8 : curl (CESA-2021:3582)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3582 advisory. - curl: Content not matching hash in Metalink is not being discarded CVE-2021-22922 - curl: Metalink download sends credentials CVE-2021-22923 - curl:...

6.5CVSS6.4AI score0.0627EPSS
Exploits3References4
Rows per page
Query Builder