Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.4 views

SUSE CVE-2013-2174

Heap-based buffer overflow in the curleasyunescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted string ending in a "%" percent character...

6.8CVSS8.3AI score0.11118EPSS
Exploits2References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:58 a.m.4 views

SUSE CVE-2016-7134

ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service allocation error and heap-based buffer overflow or possibly have unspecified other impact via a long string that is mishandled in a curlescape...

9.8CVSS7.8AI score0.04846EPSS
Exploits0References8
OSV
OSV
added 2016/10/04 5:18 p.m.5 views

USN-3095-1 php5, php7.0 vulnerabilities

Taoguang Chen discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-7124 Taoguang Chen discovered that PHP incorrectly...

9.8CVSS7.4AI score0.16482EPSS
Exploits17References18
curl security advisories
curl security advisories
added 2016/09/14 8:0 a.m.12 views

curl escape and unescape integer overflows

The four libcurl functions curlescape, curleasyescape, curlunescape and curleasyunescape perform string URL percent escaping and unescaping. They accept custom string length inputs in signed integer arguments. The functions having names without "easy" being the deprecated versions of the others...

9.8CVSS6.8AI score0.11737EPSS
Exploits0Affected Software2
OSV
OSV
added 2016/09/11 12:0 a.m.4 views

UBUNTU-CVE-2016-7134

ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service allocation error and heap-based buffer overflow or possibly have unspecified other impact via a long string that is mishandled in a curlescape...

9.8CVSS7.5AI score0.04846EPSS
Exploits0References5
Hacker One
Hacker One
added 2016/08/17 7:8 a.m.18 views

Internet Bug Bounty: integer overflow in curl_escape caused heap corruption

Please check: https://bugs.php.net/bug.php?id=72807...

6.9AI score
Exploits0
OSV
OSV
added 2013/07/31 1:20 p.m.0 views

DEBIAN-CVE-2013-2174

Heap-based buffer overflow in the curleasyunescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted string ending in a "%" percent character...

6.8CVSS8.3AI score0.11118EPSS
Exploits2References1
Rows per page
Query Builder