7 matches found
Oracle Linux 7 : curl (ELSA-2015-2159)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2159 advisory. - require credentials to match for NTLM re-use CVE-2015-3143 - close Negotiate connections when done CVE-2015-3148 - reject CRLFs in URLs passed to pro...
Oracle Linux 6 : curl (ELSA-2015-1254)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1254 advisory. - require credentials to match for NTLM re-use CVE-2015-3143 - close Negotiate connections when done CVE-2015-3148 - reject CRLFs in URLs passed to pro...
curl security, bug fix, and enhancement update
7.19.7-46 - require credentials to match for NTLM re-use CVE-2015-3143 - close Negotiate connections when done CVE-2015-3148 7.19.7-45 - reject CRLFs in URLs passed to proxy CVE-2014-8150 7.19.7-44 - use only full matches for hosts used as IP address in cookies CVE-2014-3613 - fix handling of...
openSUSE Security Update : curl (openSUSE-2015-125)
was updated to version 7.40.0 to fix two security issues. These security issues were fixed : - CVE-2014-8150: CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allowed remote attackers to inject arbitrary HTTP headers and conduct HTTP response...
Fedora 20 : curl-7.32.0-17.fc20 (2014-16538)
make CURLOPT_LOW_SPEED_LIMIT work again with threaded resolver 1172572 - allow to use TLS 1.1 and TLS 1.2 1153814 - disable libcurl-level downgrade to SSLv3 1166567 - low-speed-limit: avoid timeout flood 1166239 - fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle CVE-2014-3707 Note that...
Mandriva Linux Security Advisory : curl (MDVSA-2014:213)
Updated curl packages fix security vulnerability : Symeon Paraschoudis discovered that the curl_easy_duphandle function in cURL has a bug that can lead to libcurl eventually sending off sensitive data that was not intended for sending, while performing an HTTP POST operation. This bug requires...
CVE-2014-3707
The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information...