CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

F5 Networks•added 2023/02/21 6:33 p.m.•34 views

K10196624: libcurl vulnerability CVE-2016-8618

Security Advisory Description The libcurl API function called curlmaprintf before version 7.51.0 can be tricked into doing a double-free due to an unsafe sizet multiplication, on systems using 32 bit sizet variables. CVE-2016-8618 Impact A custom monitor or script that calls the curl command may...

9.8CVSS7.5AI score0.01811EPSS

Exploits0Affected Software16

RedHat Linux•added 2018/11/13 8:36 a.m.•3 views

curl: Double-free in curl_maprintf

The libcurl API function called curlmaprintf before version 7.51.0 can be tricked into doing a double-free due to an unsafe sizet multiplication, on systems using 32 bit sizet variables...

9.8CVSS7.3AI score0.01811EPSS

Exploits0References5

Veracode•added 2018/08/01 10:15 a.m.•22 views

Memory Leak

libcurl.so is vulnerable to memory leak. The attack is possible due to performing sizet multiplication in curlmaprintf on systems using 32 bit causing a double free error.This vulnerability cannot be triggered if there is no publicly exposed function or if 64 bit sizet types are used...

9.8CVSS9.1AI score0.01811EPSS

Exploits0References9Affected Software5

OSV•added 2018/07/31 9:29 p.m.•1 views

ALPINE-CVE-2016-8618

The libcurl API function called curlmaprintf before version 7.51.0 can be tricked into doing a double-free due to an unsafe sizet multiplication, on systems using 32 bit sizet variables...

9.8CVSS6.9AI score0.01811EPSS

Exploits0References1

Prion•added 2018/07/31 9:29 p.m.•20 views

Double free

The libcurl API function called curlmaprintf before version 7.51.0 can be tricked into doing a double-free due to an unsafe sizet multiplication, on systems using 32 bit sizet variables...

7.5CVSS6.8AI score0.01811EPSS

Exploits0References9Affected Software1

OSV•added 2018/07/31 9:29 p.m.•21 views

CVE-2016-8618

The libcurl API function called curlmaprintf before version 7.51.0 can be tricked into doing a double-free due to an unsafe sizet multiplication, on systems using 32 bit sizet variables...

9.8CVSS6.6AI score0.01811EPSS

Exploits0References9

Tenable Nessus•added 2016/11/07 12:0 a.m.•50 views

Debian DSA-3705-1 : curl - security update

Several vulnerabilities were discovered in cURL, an URL transfer library : - CVE-2016-8615 It was discovered that a malicious HTTP server could inject new cookies for arbitrary domains into a cookie jar. - CVE-2016-8616 It was discovered that when re-using a connection, curl was doing case...

9.8CVSS7.3AI score0.04507EPSS

Exploits0References22

OpenVAS•added 2016/11/03 12:0 a.m.•40 views

Debian Security Advisory DSA 3705-1 (curl - security update)

Several vulnerabilities were discovered in cURL, an URL transfer library: CVE-2016-8615 It was discovered that a malicious HTTP server could inject new cookies for arbitrary domains into a cookie jar. CVE-2016-8616 It was discovered that when re-using a connection, curl was doing case insensitive...

0.6AI score0.04507EPSS

Exploits0References1

RedhatCVE•added 2016/11/02 8:47 a.m.•26 views

CVE-2016-8618

The libcurl API function called curlmaprintf before version 7.51.0 can be tricked into doing a double-free due to an unsafe sizet multiplication, on systems using 32 bit sizet variables...

9.8CVSS3.9AI score0.01811EPSS

Exploits0References2

UbuntuCve•added 2016/11/02 12:0 a.m.•24 views

CVE-2016-8618

The libcurl API function called curlmaprintf before version 7.51.0 can be tricked into doing a double-free due to an unsafe sizet multiplication, on systems using 32 bit sizet variables...

9.8CVSS6.8AI score0.01811EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by