Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2016-9469

Malware in sbrugna...

7.5CVSS7.4AI score0.05915EPSS
Exploits0References20
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2016-4752

Malware in sbrugna...

5.3CVSS5.6AI score0.06377EPSS
Exploits0References13
Hacker One
Hacker Oneadded 2025/01/27 5:30 p.m.1589 views

curl: curl allows SSH connection even if host is not in known_hosts

Summary: Curl does not fail if the SSH host identity cannot be verified due to the host not being included in the .ssh/knownhosts file. This makes using curl to login into an previously unknown ssh host system vulnerable to meddler in the middle attacks. When using key based authentication it wil...

6.9AI score
Exploits0
Prion
Prionadded 2023/02/23 8:15 p.m.38 views

Design/Logic Flaw

An allocation of resources without limits or throttling vulnerability exists in curl v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this...

4.3CVSS7.4AI score0.01703EPSS
Exploits1References6Affected Software3
Mageia
Mageiaadded 2022/05/15 10:6 a.m.88 views

Updated curl packages fix security vulnerability

CERTINFO never-ending busy-loop. CVE-2022-27781 TLS and SSH connection too eager reuse. CVE-2022-27782...

7.5CVSS1.5AI score0.02596EPSS
Exploits2References4
UbuntuCve
UbuntuCveadded 2021/09/15 12:0 a.m.40 views

CVE-2021-22947

When curl = 7.20.0 and = 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instea...

5.9CVSS6.8AI score0.02799EPSS
Exploits1References7
OPENSUSE Linux
OPENSUSE Linuxadded 2019/06/03 12:0 a.m.161 views

Security update for curl (important)

openSUSE Security Update: Security update for curl Announcement ID: openSUSE-SU-2019:1492-1 Rating: important References: 1135170 Cross-References: CVE-2019-5436 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for curl fixes...

7.8CVSS7AI score0.49739EPSS
Exploits1References1
OSV
OSVadded 2017/08/19 9:58 a.m.10 views

MGASA-2017-0281 Updated curl packages fix security vulnerabilities

When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user stdout or the application's provide callback, which could lead to other private data from the heap to...

6.5CVSS6.6AI score0.03958EPSS
Exploits0References5
OSV
OSVadded 2016/11/02 8:0 a.m.6 views

CURL-CVE-2016-8621 curl_getdate read out of bounds

The curlgetdate converts a given date string into a numerical timestamp and it supports a range of different formats and possibilities to express a date and time. The underlying date parsing function is also used internally when parsing for example HTTP cookies possibly received from remote serve...

7.5CVSS8.5AI score0.04927EPSS
Exploits0
UbuntuCve
UbuntuCveadded 2016/11/02 12:0 a.m.25 views

CVE-2016-8619

The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free...

9.8CVSS6.8AI score0.04989EPSS
Exploits0References3
Rows per page
Query Builder