CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in Qemu

QEMU 5.0.0 has a heap-based Buffer Overflow in the flatviewreadcontinue function in exec.c, as hw/sd/sdhci.c improperly handles a write operation in the SDHCBLKSIZE case...

5CVSS6.5AI score0.00638EPSS

Exploits1References2

CloudLinux•added 2026/05/05 9:18 p.m.•13 views

curl: Fix of 2 CVEs

CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...

7.8CVSS6.8AI score0.49739EPSS

Exploits1

OSV•added 2026/05/05 9:18 p.m.•7 views

CLSA-2026-1777877363 curl: Fix of 2 CVEs

CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...

7.8CVSS6.6AI score0.49739EPSS

Exploits1References1

OSV•added 2026/05/04 7:0 a.m.•5 views

CLSA-2026-1777878036 curl: Fix of 2 CVEs

CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...

7.8CVSS6.8AI score0.49739EPSS

Exploits1References1

Hacker One•added 2025/11/29 5:6 p.m.•14 views

curl: Heap Buffer Overflow in TFTP

Summary: A heap buffer overflow vulnerability exists in the TFTP implementation of libcurl. The vulnerability is triggered when a malicious TFTP server sends an OACK Option acknowledgment packet with a blksize option that is larger than the default block size 512 bytes. libcurl updates its intern...

8.4AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2009-2945

Malware in sbrugna...

4.3CVSS6AI score0.10382EPSS

Exploits7References15

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-53393

Malicious code in bioql PyPI...

5.5CVSS6.4AI score0.0017EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 6:2 a.m.•3 views

SUSE CVE-2009-2958

The tftprequest function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a TFTP read aka RRQ request with a malformed blksize option...

4.3CVSS6.8AI score0.10382EPSS

Exploits7References4

SUSE CVE•added 2023/02/15 3:54 a.m.•3 views

SUSE CVE-2020-25085

QEMU 5.0.0 has a heap-based Buffer Overflow in flatviewreadcontinue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHCBLKSIZE case...

5CVSS7AI score0.00638EPSS

Exploits1References15

RedhatCVE•added 2019/09/13 6:51 a.m.•40 views

CVE-2019-5482

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. Mitigation Do not use TFTP with curl with smaller than the default BLKSIZE...

9.8CVSS1.5AI score0.17939EPSS

Exploits0References4

FreeBSD•added 2019/09/11 12:0 a.m.•41 views

curl -- multiple vulnerabilities

curl security problems: CVE-2019-5481: FTP-KRB double-free libcurl can be told to use kerberos over FTP to a server, as set with the CURLOPTKRBLEVEL option. During such kerberos FTP data transfer, the server sends data to curl in blocks with the 32 bit size of each block first and then that amoun...

9.8CVSS1.4AI score0.17939EPSS

Exploits0References3

BDU FSTEC•added 2016/07/06 12:0 a.m.•5 views

The vulnerability of the Dnsmasq software allows a remote attacker to compromise the accessibility of protected information.

The vulnerability in the tftprequest function of tftp.c in dnsmasq when using --enable-tftp allows malicious actors to trigger a service failure by using a TFTP-read request RRQ with an improperly configured blksize parameter...

4.3CVSS5.4AI score0.10382EPSS

Exploits7References3Affected Software1

OSV•added 2009/09/02 3:30 p.m.•1 views

DEBIAN-CVE-2009-2958

4.3CVSS6.2AI score0.10382EPSS

Exploits7References1