Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

curl security advisories
curl security advisoriesadded 2024/09/11 8:0 a.m.3 views

OCSP stapling bypass with GnuTLS

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

6.5CVSS7.4AI score0.00559EPSS
Exploits1References1Affected Software2
curl security advisories
curl security advisoriesadded 2007/07/10 8:0 a.m.1 views

GnuTLS insufficient cert verification

libcurl when built to use GnuTLS fails to verify that a peer's certificate has not already expired or has not yet become valid. This allows malicious servers to present certificates to libcurl that were not rejected properly. Notably, the CA certificate and common name checks are still in place...

7.5CVSS5.2AI score0.00635EPSS
Exploits0Affected Software2
OSV
OSVadded 2005/02/18 12:0 a.m.18 views

DSA-687-1 bidwatcher - format string

Bulletin has no description...

7.5CVSS6.1AI score0.00899EPSS
Exploits0
Rows per page
Query Builder