CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

708 matches found

Prion•added 2023/03/30 8:15 p.m.•22 views

Authentication flaw

An authentication bypass vulnerability exists libcurl 8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPTGSSAPIDELEGATION option. This vulnerability affects...

2.6CVSS7AI score0.00011EPSS

Exploits1References5Affected Software4

AlpineLinux•added 2023/03/30 12:0 a.m.•57 views

CVE-2023-27536

5.9CVSS7.5AI score0.00011EPSS

Exploits1

Tenable Nessus•added 2023/03/28 12:0 a.m.•35 views

CBL Mariner 2.0 Security Update: heimdal (CVE-2022-45142)

The version of heimdal installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-45142 advisory. - The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug ...

7.5CVSS6.6AI score0.00727EPSS

Exploits0References2

Redos•added 2023/03/24 12:0 a.m.•30 views

ROS-20230324-01

Vulnerability of Samba networking software package is related to errors in symbolic links processing. links. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the server's server file system Vulnerability of unwrapdes and unwrapdes3 functions of GSSAPI...

6.5CVSS7.3AI score0.00727EPSS

Exploits0

Tenable Nessus•added 2023/03/23 12:0 a.m.•51 views

FreeBSD : curl -- multiple vulnerabilities (0d7d104c-c6fb-11ed-8a4b-080027f5fec9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 0d7d104c-c6fb-11ed-8a4b-080027f5fec9 advisory. - The vulnerability exists due to missing documentation of the TELNET protocol support and the...

9.8CVSS7.3AI score0.00179EPSS

Exploits6References8

RedhatCVE•added 2023/03/21 1:13 p.m.•48 views

CVE-2023-27536

A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, the GSS delegation setting was left out from the configuration match checks, making them match too easily, affecting...

5.9CVSS8.7AI score0.00011EPSS

Exploits1References4

Veracode•added 2023/03/21 12:30 a.m.•35 views

Authentication Bypass

curl is vulnerable to Authentication Bypass. The library would reuse a previously created connection even if the GSS delegation CURLOPTGSSAPIDELEGATION option had been changed, but this setting was left out from configuration match checks, affecting krb5/kerberos/negotiate/GSSAPI transfers...

5.9CVSS8.9AI score0.00011EPSS

Exploits1References10Affected Software4

Tenable Nessus•added 2023/03/21 12:0 a.m.•57 views

Amazon Linux 2023 : libnetapi, libnetapi-devel, libsmbclient (ALAS2023-2023-032)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-032 advisory. 2024-02-15: CVE-2016-2124 was added to this advisory. 2024-02-15: CVE-2021-44141 was added to this advisory. 2024-02-15: CVE-2021-20316 was added to this advisory. 2024-02-15: CVE-2020-17049 wa...

9.8CVSS7.5AI score0.25552EPSS

Exploits3References34

OSV•added 2023/03/20 8:0 a.m.•32 views

CURL-CVE-2023-27536 GSS delegation too eager connection reuse

libcurl would reuse a previously created connection even when the GSS delegation CURLOPTGSSAPIDELEGATION option had been changed that could have changed the user's permissions in a second transfer. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if...

5.9CVSS6.4AI score0.00011EPSS

Exploits1

Hacker One•added 2023/03/20 7:42 a.m.•92 views

Internet Bug Bounty: CVE-2023-27536: GSS delegation too eager connection re-use

A vulnerability was found in libcurl versions 7.22.0 to 7.88.1 that allowed for the reuse of a previously created connection even when the GSS delegation option had been changed, potentially changing the user's permissions in a second transfer. This could affect krb5/kerberos/negotiate/GSSAPI...

5.9CVSS7.2AI score0.00011EPSS

Exploits1

OSV•added 2023/03/20 12:0 a.m.•0 views

UBUNTU-CVE-2023-27536

5.9CVSS6.7AI score0.00011EPSS

Exploits1References5

Mageia•added 2023/03/18 10:16 p.m.•51 views

Updated heimdal packages fix security vulnerability

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to b...

7.5CVSS2.2AI score0.00088EPSS

Exploits0References4

Microsoft CVE•added 2023/03/14 7:0 a.m.•2 views

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.

...

7.5CVSS6.7AI score0.00727EPSS

Exploits0

Ubuntu•added 2023/03/08 1:2 p.m.•90 views

USN-5936-1: Samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerber...

9.8CVSS7.6AI score0.10832EPSS

Exploits1

OSV•added 2023/03/08 1:2 p.m.•0 views

USN-5936-1 samba vulnerabilities

9.8CVSS7AI score0.10832EPSS

Exploits1References7