Lucene search
K

10318 matches found

OSV
OSV
added 6 days ago13 views

ROOT-OS-DEBIAN-12-CVE-2026-1965 CVE-2026-1965 in rootio-curl - Patched by Root

Root has patched CVE-2026-1965 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

6.5CVSS7.1AI score0.00259EPSS
Exploits0
OSV
OSV
added 6 days ago6 views

ROOT-OS-DEBIAN-12-CVE-2025-14017 CVE-2025-14017 in rootio-curl - Patched by Root

Root has patched CVE-2025-14017 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

4.8CVSS5.5AI score0.00106EPSS
Exploits0
OSV
OSV
added 6 days ago6 views

ROOT-OS-DEBIAN-12-CVE-2025-10148 CVE-2025-10148 in rootio-curl - Patched by Root

Root has patched CVE-2025-10148 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

5.3CVSS5.4AI score0.00466EPSS
Exploits0
OSV
OSV
added 6 days ago7 views

ROOT-OS-DEBIAN-12-CVE-2025-10966 CVE-2025-10966 in rootio-curl - Patched by Root

Root has patched CVE-2025-10966 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

4.3CVSS5.5AI score0.0039EPSS
Exploits1
OSV
OSV
added 6 days ago7 views

ROOT-OS-DEBIAN-12-CVE-2026-3783 CVE-2026-3783 in rootio-curl - Patched by Root

Root has patched CVE-2026-3783 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

5.3CVSS5.8AI score0.00333EPSS
Exploits1
OSV
OSV
added 6 days ago11 views

ROOT-OS-DEBIAN-12-CVE-2026-6429 CVE-2026-6429 in rootio-curl - Patched by Root

Root has patched CVE-2026-6429 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

6.5CVSS5.8AI score0.00519EPSS
Exploits1
OSV
OSV
added 6 days ago6 views

ROOT-OS-DEBIAN-12-CVE-2026-3784 CVE-2026-3784 in rootio-curl - Patched by Root

Root has patched CVE-2026-3784 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

6.5CVSS5.8AI score0.00302EPSS
Exploits1
OSV
OSV
added 6 days ago5 views

ROOT-OS-DEBIAN-12-CVE-2024-2379 CVE-2024-2379 in rootio-curl - Patched by Root

Root has patched CVE-2024-2379 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

6.3CVSS5.5AI score0.01709EPSS
Exploits1
OSV
OSV
added 6 days ago18 views

ROOT-OS-DEBIAN-12-CVE-2026-5545 CVE-2026-5545 in rootio-curl - Patched by Root

Root has patched CVE-2026-5545 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

6.5CVSS5.8AI score0.00414EPSS
Exploits1
OSV
OSV
added 6 days ago9 views

ROOT-OS-DEBIAN-12-CVE-2026-6253 CVE-2026-6253 in rootio-curl - Patched by Root

Root has patched CVE-2026-6253 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

5.3CVSS5.8AI score0.00639EPSS
Exploits1
SUSE CVE
SUSE CVE
added 6 days ago4 views

SUSE CVE-2026-8924

A flaw in curl's cookie parsing logic allows a malicious HTTP server to set 'super cookies' that bypass the Public Suffix List check. This enables an attacker-controlled origin to inject cookies that curl subsequently scopes and transmits to unrelated third-party domains...

8.1CVSS6.1AI score0.00649EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 6 days ago4 views

SUSE CVE-2026-9080

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

5.9CVSS6AI score0.00494EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 6 days ago9 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 24.04 LTS / 26.04 LTS : curl vulnerabilities (USN-8525-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8525-1 advisory. Harry Sintonen discovered that curl incorrectly handled credentials when following HTTP...

9.8CVSS6.7AI score0.01378EPSS
Exploits10References11
Ubuntu
Ubuntu
added last week6 views

USN-8525-1: curl vulnerabilities

Harry Sintonen discovered that curl incorrectly handled credentials when following HTTP redirects in conjunction with .netrc files. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS...

9.8CVSS6.8AI score0.01378EPSS
Exploits10
RedhatCVE
RedhatCVE
added 2026/07/08 7:27 p.m.4 views

CVE-2026-11564

A flaw was found in curl. When libcurl reuses a connection from its connection pool, an easy handle that initially used default native Certificate Authority CA trust may continue to trust the native platform store. This occurs even after the application has switched that same handle to custom CA...

9.1CVSS5.8AI score0.0061EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/07/08 7:27 p.m.5 views

CVE-2026-10536

A flaw was found in libcurl. This use-after-free vulnerability occurs when an application configures an HTTP/2 stream-dependency tree and then performs a sequence of operations involving curleasyreset and curleasycleanup. During the final cleanup, libcurl attempts to access memory that has alread...

9.8CVSS5.8AI score0.00891EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/07/07 4:27 a.m.6 views

CVE-2026-8924

A flaw was found in curl's cookie parsing logic. A malicious HTTP server can exploit this by setting 'super cookies' that bypass the Public Suffix List check. This allows an attacker-controlled origin to inject cookies that curl then transmits to unrelated third-party domains, leading to...

9.1CVSS5.9AI score0.00649EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/07/06 11:3 p.m.8 views

CVE-2026-11352

A flaw was found in curl and libcurl. A malicious HTTP/3 server can exploit an issue in the QUIC UDP receive function by continuously streaming empty UDP datagrams. This can lead to a remote denial of service DoS against a curl or libcurl client, as the helper function discards zero-length UDP...

7.5CVSS6.1AI score0.0101EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/07/06 10:43 p.m.6 views

CVE-2026-11586

A flaw was found in curl. A malicious server can exploit this vulnerability by sending rapid, sequential WebSocket PING messages. Due to a lack of an upper bound on memory allocation for unacknowledged frames, curl can be forced to exhaust all available memory, leading to a denial of service...

7.5CVSS5.8AI score0.0086EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/07/06 10:8 p.m.7 views

CVE-2026-12064

A flaw was found in curl. When a user invokes curl with a schemeless URL and specifies SFTP SSH File Transfer Protocol or SCP Secure Copy Protocol as the default protocol, the tool layer fails to initialize critical SSH security options. This bypasses host verification, allowing curl to connect t...

7.5CVSS5.9AI score0.00574EPSS
Exploits1References6
Rows per page
Query Builder