
15 matches found

OpenVAS
added 2024/03/14 12:0 a.m. | 42 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1376)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 7.8 | EPSS 0.78483
Exploits: 6 | References: 3

Tenable Nessus
added 2024/01/26 12:0 a.m. | 26 views

RHEL 8 : curl (RHSA-2023:7540)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7540 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, a...

CVSS 3.7 | AI score 7.5 | EPSS 0.06208
Exploits: 0 | References: 6

OpenVAS
added 2024/01/09 12:0 a.m. | 27 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1079)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 7.8 | EPSS 0.78483
Exploits: 6 | References: 3

IBM Security Bulletins
added 2023/12/20 7:12 p.m. | 34 views

Security Bulletin: Multiple vulnerabilities in Curl affect PowerSC

Summary: There are multiple vulnerabilities in Curl that affect PowerSC. PowerSC uses Curl as part of PowerSC Trusted Network Connect (TNC). Vulnerability Details: CVEID: CVE-2023-38039. DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by not limiting the number and size of header...

CVSS 9.8 | AI score 9.5 | EPSS 0.78483
Exploits: 7 | Affected Software: 1

OpenVAS
added 2023/12/12 12:0 a.m. | 18 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-3239)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.1 | EPSS 0.78483
Exploits: 6 | References: 3

OpenVAS
added 2023/12/12 12:0 a.m. | 12 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-3267)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.1 | EPSS 0.78483
Exploits: 6 | References: 3

AlpineLinux
added 2023/10/18 3:51 a.m. | 42 views

CVE-2023-38546

This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single transfers. libcurl provides a functio...

CVSS 3.7 | AI score 7.7 | EPSS 0.06208
Exploits: 0

Veracode
added 2020/04/10 12:18 a.m. | 29 views

Improper Session Handling

PHP is vulnerable to improper session handling. The vulnerability allows an attacker to create a cross-site cookie insertion attack if a victim follows an untrusted, carefully crafted URL...

CVSS 4.3 | AI score 2.9 | EPSS 0.07919
Exploits: 0 | References: 34 | Affected Software: 1

Tenable Nessus
added 2013/07/12 12:0 a.m. | 48 views

Oracle Linux 3 : php (ELSA-2007-0889)

From Red Hat Security Advisory 2007:0889 : Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language common...

CVSS 7.5 | AI score 7.1 | EPSS 0.08878
Exploits: 1 | References: 9

Tenable Nessus
added 2012/08/01 12:0 a.m. | 43 views

Scientific Linux Security Update : php on SL3.x i386/x86_64

Various integer overflow flaws were found in the PHP gd extension. A script that could be forced to resize images from an untrusted source could possibly allow a remote attacker to execute arbitrary code as the apache user. (CVE-2007-3996) An integer overflow flaw was found in the PHP chunk_split functio...

CVSS 7.5 | AI score 7 | EPSS 0.08878
Exploits: 1 | References: 9

RedHat Linux
added 2007/10/25 5:33 p.m. | 5 views

php cross-site cookie insertion

The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) the session_start function, which...

CVSS 5 | AI score 6 | EPSS 0.07919
Exploits: 0 | References: 4

RedHat Linux
added 2007/10/23 3:56 p.m. | 44 views

Moderate: Red Hat Security Advisory: php security update

Updated PHP packages that fix several security issues are now available for Red Hat Application Stack. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. The...

CVSS 7.5 | AI score 6.1 | EPSS 0.07919
Exploits: 2 | References: 8

RedHat Linux
added 2007/10/23 3:56 p.m. | 6 views

php cross-site cookie insertion

The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) the session_start function, which...

CVSS 5 | AI score 6 | EPSS 0.07919
Exploits: 0 | References: 4

Tenable Nessus
added 2007/09/25 12:0 a.m. | 67 views

Fedora Core 6 : php-5.1.6-3.7.fc6 (2007-709)

This update fixes a number of security issues in PHP : - various integer overflow flaws were found in the PHP gd extension. A script that could be forced to resize images from an untrusted source could possibly allow a remote attacker to execute arbitrary code as the apache user. CVE-2007-3996 - ...

CVSS 7.5 | AI score 7 | EPSS 0.08878
Exploits: 1 | References: 8

Tenable Nessus
added 2007/09/24 12:0 a.m. | 230 views

RHEL 4 / 5 : php (RHSA-2007:0890)

The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2007:0890 advisory. - gd / php-gd ImageCreateFromPng infinite loop caused by truncated PNG (CVE-2007-2756) - php chunk_split integer overflow (CVE-2007-2872) - p...

CVSS 7.5 | AI score 6.7 | EPSS 0.08878
Exploits: 1 | References: 17