122 matches found

SUSE CVE
added 2023/02/15 3:22 a.m. · 1 view

SUSE CVE-2022-42915

curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request HTTP...

CVSS 7.3 · AI score 9 · EPSS 0.00467
Exploits 0 · References 3
OSV
added 2023/02/09 8:15 p.m. · 1 view

DEBIAN-CVE-2022-43552

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...

CVSS 5.9 · AI score 6.5 · EPSS 0.00104
Exploits 1 · References 1
OSV
added 2023/02/09 8:15 p.m. · 1 view

AZL-13284 CVE-2022-43552 affecting package curl for versions less than 7.86.0-3

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...

CVSS 5.9 · AI score 6.7 · EPSS 0.00104
Exploits 1 · References 1
OSV
added 2023/02/09 8:15 p.m. · 2 views

AZL-13280 CVE-2022-43552 affecting package cmake for versions less than 3.21.4-13

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...

CVSS 5.9 · AI score 6.7 · EPSS 0.00104
Exploits 1 · References 1
OSV
added 2023/01/06 11:4 a.m. · 2 views

OESA-2023-1007 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP...

CVSS 7.5 · AI score 7 · EPSS 0.00104
Exploits 2 · References 3
OSV
added 2023/01/06 11:4 a.m. · 2 views

OESA-2023-1005 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP...

CVSS 5.9 · AI score 7 · EPSS 0.00104
Exploits 1 · References 2
Positive Technologies
added 2022/11/07 12:0 a.m. · 5 views

PT-2022-7575 · Curl +11

Name of the Vulnerable Software and Affected Versions: curl versions prior to 7.87.0 Description: A use after free vulnerability exists in curl. The issue arises when curl is asked to tunnel virtually all protocols it supports through an HTTP proxy, and the proxy denies such tunnel operations for...

CVSS 9.8 · AI score 6.2 · EPSS 0.14797
Exploits 21 · References 200
RedHat Linux
added 2022/01/04 8:38 a.m. · 39 views

Important: Red Hat Security Advisory: telnet security update

An update for telnet is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

CVSS 10 · AI score 7.3 · EPSS 0.08404
Exploits 2 · References 2
NVD
added 2021/11/04 4:15 p.m. · 17 views

CVE-2021-40113

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...

CVSS 10 · EPSS 0.13669
Exploits 0 · References 1
Prion
added 2021/11/04 4:15 p.m. · 19 views

Command injection

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...

CVSS 7.5 · AI score 9.7 · EPSS 0.13669
Exploits 0 · References 1 · Affected Software 5
Prion
added 2021/11/04 4:15 p.m. · 15 views

Command injection

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...

CVSS 7.5 · AI score 9.6 · EPSS 0.00995
Exploits 0 · References 1 · Affected Software 5
Cvelist
added 2021/11/04 3:35 p.m. · 16 views

CVE-2021-40113 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...

CVSS 10 · AI score 10 · EPSS 0.13669
Exploits 0 · References 1
Vulnrichment
added 2021/11/04 3:35 p.m. · 6 views

CVE-2021-40112 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...

CVSS 10 · AI score 7.4 · EPSS 0.01604
Exploits 0 · References 1
Cvelist
added 2021/11/04 3:35 p.m. · 12 views

CVE-2021-40112 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...

CVSS 10 · AI score 9.9 · EPSS 0.01604
Exploits 0 · References 1
Cvelist
added 2021/11/04 3:35 p.m. · 18 views

CVE-2021-34795 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...

CVSS 10 · AI score 9.9 · EPSS 0.00995
Exploits 0 · References 1
Vulnrichment
added 2021/11/04 3:35 p.m. · 7 views

CVE-2021-34795 Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network PON Series Switches Optical Network Terminal ONT could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol i...

CVSS 10 · AI score 7.4 · EPSS 0.00995
Exploits 0 · References 1
Amazon
added 2021/09/15 12:0 a.m. · 45 views

Medium: curl

Issue Overview: A flaw was found in curl in the way curl handles a file hash mismatch after downloading content using the Metalink feature. This flaw allows malicious actors controlling a hosting server to trick users into downloading malicious content. The highest threat from this vulnerability ...

CVSS 6.5 · AI score 6.8 · EPSS 0.0056
Exploits 6
Packet Storm
added 2021/06/03 12:0 a.m. · 206 views

CHIYU IoT Telnet Authentication Bypass

Exploit Title: CHIYU IoT Devices - 'Telnet' Authentication Bypass Date: 01/06/2021 Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BF-430, BF-431, BF-450M, and SEMAC - all firmware...

AI score 0.2 · EPSS 0.27519
Exploits 5
RedhatCVE
added 2021/05/26 9:45 a.m. · 70 views

CVE-2021-22898

A flaw was found in the way curl handled telnet protocol option for sending environment variables, which could lead to sending of uninitialized data from a stack-based buffer to the server. This issue leads to potentially revealing sensitive internal information to the server using a clear-text...

CVSS 3.1 · AI score 1.4 · EPSS 0.00126
Exploits 1 · References 4
ATTACKERKB
added 2021/05/14 1:15 p.m. · 2 views

CVE-2020-27184

The NPort IA5000A Series devices use Telnet as one of the network device management services. Telnet does not support the encryption of client-server communications, making it vulnerable to Man-in-the-Middle attacks...

CVSS 5.9 · AI score 5.3 · EPSS 0.00085
Exploits 0 · References 4