Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Hacker One
Hacker Oneadded 2025/08/09 2:32 a.m.12 views

curl: Heap Buffer Overflow in Curl_memdup0() via CURLOPT_COPYPOSTFIELDS/CURLOPT_POSTFIELDSIZE Mismatch

Summary A heap buffer overflow vulnerability exists in libcurl's Curlmemdup0 function when handling CURLOPTCOPYPOSTFIELDS operations. The vulnerability occurs when libcurl internally processes POST data where the specified CURLOPTPOSTFIELDSIZE exceeds the actual buffer size of data set via...

8.1AI score
Exploits0
SUSE CVE
SUSE CVEadded 2023/02/15 5:28 a.m.1 views

SUSE CVE-2014-3707

The curleasyduphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPTCOPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information...

4.3CVSS7.1AI score0.00226EPSS
Exploits0References22
RedHat Linux
RedHat Linuxadded 2015/11/19 3:26 a.m.0 views

curl: incorrect handle duplication after COPYPOSTFIELDS

A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPTCOPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory...

4.3CVSS6.8AI score0.00226EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2015/07/20 1:50 p.m.4 views

curl: incorrect handle duplication after COPYPOSTFIELDS

A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPTCOPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory...

4.3CVSS6.8AI score0.00226EPSS
Exploits0References5
OSV
OSVadded 2014/11/15 8:59 p.m.0 views

DEBIAN-CVE-2014-3707

The curleasyduphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPTCOPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information...

4.3CVSS7.3AI score0.00226EPSS
Exploits0References1
OSV
OSVadded 2014/11/10 1:43 p.m.1 views

USN-2399-1 curl vulnerability

Symeon Paraschoudis discovered that curl incorrectly handled memory when being used with CURLOPTCOPYPOSTFIELDS and curleasyduphandle. This may result in sensitive data being incorrectly sent to the remote server...

4.3CVSS7AI score0.00226EPSS
Exploits0References2
OSV
OSVadded 2014/11/05 12:0 a.m.0 views

UBUNTU-CVE-2014-3707

The curleasyduphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPTCOPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information...

4.3CVSS7AI score0.00226EPSS
Exploits0References4
Rows per page
Query Builder