Lucene search
+L

167 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: curl (UTSA-2025-987462)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987462 advisory. When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, a...

7.3CVSS6.7AI score0.01218EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-1837

Malicious code in bioql PyPI...

7.3CVSS6.2AI score0.01218EPSS
Exploits1References9
Fedora
Fedora
added 2025/08/21 12:55 a.m.8 views

[SECURITY] Fedora 42 Update: suricata-7.0.11-1.fc42

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

7.5CVSS6.9AI score0.00432EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/08/01 5:42 p.m.3 views

jetty-server: Jetty: Gzip Request Body Buffer Corruption

A flaw was found in Eclipse Jetty. This vulnerability allows corrupted and inadvertent data sharing between requests via a gzip error when inflating a request body. If the request body is malformed, the gzip decompression process can fail, resulting in the application inadvertently using data fro...

7.2CVSS7.1AI score0.00453EPSS
Exploits0References6
F5 Networks
F5 Networks
added 2025/05/14 6:19 a.m.15 views

K000151312: cURL vulnerability CVE-2025-0725

Security Advisory Description When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow. CVE-2025-0725...

7.3CVSS6.7AI score0.01218EPSS
Exploits1
OpenVAS
OpenVAS
added 2025/05/13 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2025-1502)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.5AI score0.01218EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/12 12:0 a.m.6 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2025-1503)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option,using zlib...

7.3CVSS6.8AI score0.01218EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/12 12:0 a.m.5 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2025-1502)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option,using zlib...

7.3CVSS6.8AI score0.01218EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.9 views

EulerOS 2.0 SP12 : curl (EulerOS-SA-2025-1408)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-t...

7.3CVSS6.8AI score0.01218EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.14 views

EulerOS 2.0 SP12 : curl (EulerOS-SA-2025-1407)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-t...

7.3CVSS6.8AI score0.01218EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/04/11 12:0 a.m.15 views

EulerOS 2.0 SP11 : curl (EulerOS-SA-2025-1350)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the...

7.3CVSS6.9AI score0.01378EPSS
Exploits3References4
Fedora
Fedora
added 2025/04/03 1:37 a.m.20 views

[SECURITY] Fedora 41 Update: suricata-7.0.10-1.fc41

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

7.5CVSS7.2AI score0.00259EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/01 12:0 a.m.15 views

EulerOS 2.0 SP13 : curl (EulerOS-SA-2025-1313)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-t...

7.3CVSS6.8AI score0.01218EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/04/01 12:0 a.m.12 views

EulerOS 2.0 SP13 : curl (EulerOS-SA-2025-1330)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-t...

7.3CVSS6.8AI score0.01218EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2025-0725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or...

7.3CVSS6.8AI score0.01218EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/02/20 12:0 a.m.16 views

Tenable Identity Exposure < 3.77.9 Multiple Vulnerabilities (TNS-2025-01)

The version of the Tenable Identity Exposure running on the remote host is prior to 3.77.9. It is, therefore, affected by multiple vulnerabilities according to advisory TNS-2025-01, including the following: - libcurl would wrongly close the same eventfd file descriptor twice when taking down a...

7.7CVSS7.1AI score0.01404EPSS
Exploits5References11
Tenable Nessus
Tenable Nessus
added 2025/02/14 12:0 a.m.17 views

CBL Mariner 2.0 Security Update: curl / mysql (CVE-2025-0725)

The version of curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0725 advisory. - When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with th...

7.3CVSS6.9AI score0.01218EPSS
Exploits1References2
Veracode
Veracode
added 2025/02/10 10:48 a.m.4 views

Buffer Overflow

libcurl.so is vulnerable to a Buffer Overflow. The vulnerability is due to an attacker-controlled integer overflow due to the use of zlib when performing automatic gzip decompression with the CURLOPTACCEPTENCODING option, leading to a potential buffer overflow...

7.3CVSS7.2AI score0.01218EPSS
Exploits1References10Affected Software2
RedhatCVE
RedhatCVE
added 2025/02/08 4:8 a.m.15 views

CVE-2025-0725

A flaw was found in libcurl. This vulnerability allows an attacker to trigger a buffer overflow via an integer overflow in zlib 1.2.0.3 or older when libcurl performs automatic gzip decompression. Mitigation Mitigation for this issue is either not available or the currently available options do n...

4CVSS6.8AI score0.01218EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2025/02/06 3:48 a.m.2 views

SUSE CVE-2025-0725

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...

4.3CVSS9.7AI score0.01218EPSS
Exploits1References8
Rows per page
Query Builder