Lucene search
+L

103 matches found

UbuntuCve
UbuntuCve
added 2026/04/29 2:0 p.m.9 views

CVE-2026-5545

libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTPS request after a Negotiate-authenticated one, when both use the same host. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid...

6.5CVSS5.8AI score0.00414EPSS
Exploits1References4
OSV
OSV
added 2026/04/29 2:0 p.m.7 views

UBUNTU-CVE-2026-5545

libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTPS request after a Negotiate-authenticated one, when both use the same host. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid...

6.5CVSS5.8AI score0.00414EPSS
Exploits1References5
OSV
OSV
added 2026/04/29 8:0 a.m.7 views

CURL-CVE-2026-5545 wrong reuse of HTTP Negotiate connection

libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTPS request after a Negotiate-authenticated one, when both use the same host. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid...

6.5CVSS5.4AI score0.00414EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.10 views

PT-2026-35892

Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description A logical error in the connection pooling mechanism allows libcurl to reuse an incorrect connection during authenticated HTTPS requests to the same host. If an application first performs a...

9.1CVSS5.2AI score0.00639EPSS
Exploits5References70
Veracode
Veracode
added 2026/04/18 5:9 a.m.14 views

DNN: Same HostGUID For All New Installs

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. All new installations of DNN 10.x.x - 10.2.1 have the same Host GUID. This does not affect upgrades from 9.x.x. Version 10.2.2 patches the issue...

6.9CVSS5.8AI score0.00175EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/03/11 6:0 p.m.5 views

UBUNTU-CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

7.5CVSS5.8AI score0.00715EPSS
Exploits2References4
EUVD
EUVD
added 2026/03/11 12:31 p.m.6 views

EUVD-2026-11141

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

7.5CVSS5.8AI score0.00715EPSS
Exploits2References5
NVD
NVD
added 2026/03/11 11:16 a.m.5 views

CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

7.5CVSS0.00715EPSS
Exploits2References4
Cvelist
Cvelist
added 2026/03/11 10:9 a.m.28 views

CVE-2026-3805 use after free in SMB connection reuse

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

0.00715EPSS
Exploits2References3
AlpineLinux
AlpineLinux
added 2026/03/11 10:9 a.m.7 views

CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

7.5CVSS5.8AI score0.00715EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.8 views

PT-2026-20350

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.13 @openclaw/bluebubbles versions prior to 2026.2.13 Description The optional BlueBubbles iMessage channel plugin could accept webhook requests as authenticated based solely on the TCP peer address being...

7.5CVSS5.5AI score0.00319EPSS
Exploits0References12
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.3 views

Astra Linux – Vulnerability in requests

Requests is an HTTP library. Prior to version 2.32.0, when making requests through a Requests Session, if the first request was made with verify=False to disable certificate verification, all subsequent requests to the same host would continue to ignore certificate verification, regardless of...

5.6CVSS6.3AI score0.0034EPSS
Exploits0References3
OSV
OSV
added 2025/07/24 3:15 p.m.6 views

CVE-2025-36005

IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Internet Pass-Thru could allow a malicious user to obtain sensitive information from another TLS session connection by the...

6.5CVSS5.8AI score0.00168EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/03/05 2:29 p.m.10 views

requests: subsequent requests to the same host ignore cert verification

An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...

5.6CVSS7.1AI score0.0034EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/02/12 12:11 a.m.4 views

requests: subsequent requests to the same host ignore cert verification

An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...

5.6CVSS7.1AI score0.0034EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/01/02 2:52 p.m.10 views

requests: subsequent requests to the same host ignore cert verification

An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...

5.6CVSS7.1AI score0.0034EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/07/12 1:43 a.m.5 views

requests: subsequent requests to the same host ignore cert verification

An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...

5.6CVSS7.1AI score0.0034EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/06/10 6:41 p.m.5 views

requests: subsequent requests to the same host ignore cert verification

An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...

5.6CVSS7.1AI score0.0034EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/05/21 11:13 p.m.3 views

SUSE CVE-2024-35195

Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of verif...

6CVSS7.3AI score0.0034EPSS
Exploits0References20
OSV
OSV
added 2024/05/20 9:15 p.m.1 views

DEBIAN-CVE-2024-35195

Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of verif...

5.6CVSS6.3AI score0.0034EPSS
Exploits0References1
Rows per page
Query Builder