Lucene search
K

42 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2014-0015

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent...

4CVSS6.8AI score0.05599EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:33 a.m.4 views

SUSE CVE-2014-0015

cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request...

4CVSS7.1AI score0.05599EPSS
Exploits1References12
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/23 5:14 p.m.69 views

Security Bulletin: Network Intrusion Prevention System is affected by curl and php5 vulnerabilities (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139, CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)

Summary Security vulnerabilities have been discovered in curl and php5 that are used in IBM Security Network Intrusion Prevention System. Vulnerability Details CVE-ID: CVE-2013-2174 DESCRIPTION: cURL/libcURL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the...

7.5CVSS8.5AI score0.35635EPSS
Exploits14Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2014-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS8.5AI score0.05599EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2014:0175-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4CVSS8.4AI score0.05599EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2014:0175-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4CVSS8.4AI score0.05599EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2014:0171-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4CVSS8.4AI score0.05599EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:35 a.m.35 views

Security Bulletin: Vulnerabilities in cURL affect System x Integrated Management Module (IMM) (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139)

Summary Several cURL vulnerabilities were disclosed. This bulletin addresses these cURL vulnerabilities that affect IMM. Vulnerability Details Abstract Several cURL vulnerabilities were disclosed. This bulletin addresses these cURL vulnerabilities that affect IMM. Content Vulnerability Details:...

6.8CVSS0.6AI score0.11118EPSS
Exploits3
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:35 a.m.56 views

Security Bulletin: Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2)

Summary Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II IMM2. Vulnerability Details Abstract Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II IMM2. Vulnerability Details CVE-ID: CVE-2014-2653...

6.8CVSS0.8AI score0.51436EPSS
Exploits6
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:25 a.m.36 views

Security Bulletin: IBM ToolsCenter is affected by several cURL potential vulnerabilities (CVE-2014-0015, CVE-2014-0139, CVE-2014-0138, CVE-2014-2522)

Summary Security vulnerabilities have been discovered in cURL that were reported in January and March of 2014 by the cURL project. Vulnerability Details Abstract Security vulnerabilities have been discovered in cURL that were reported in January and March of 2014 by the cURL project. Content...

6.4CVSS0.9AI score0.05599EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2017/04/06 12:0 a.m.76 views

F5 Networks BIG-IP : cURL and libcurl vulnerability (K16704)

cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. CVE-2015-3143 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

5CVSS6.5AI score0.16222EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2016/05/07 12:0 a.m.66 views

Juniper Networks Junos OS Multiple cURL and libcurl Vulnerabilities

Junos OS is prone to multiple vulnerabilities in cURL and libcurl. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"...

9CVSS7AI score0.3763EPSS
Exploits1References1
Prion
Prion
added 2016/01/29 8:59 p.m.31 views

Design/Logic Flaw

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015...

5CVSS7AI score0.09327EPSS
Exploits1References18Affected Software3
Debian CVE
Debian CVE
added 2016/01/29 8:0 p.m.41 views

CVE-2016-0755

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015...

7.3CVSS6.8AI score0.09327EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/12/30 12:0 a.m.69 views

VMware ESXi Multiple Vulnerabilities (VMSA-2014-0012)

The remote VMware ESXi host is affected by multiple vulnerabilities : - Multiple denial of service vulnerabilities exist in Python function readstatus in library httplib and in function readline in libraries smtplib, ftplib, nntplib, imaplib, and poplib. A remote attacker can exploit these...

6.4CVSS7.2AI score0.081EPSS
Exploits3References8
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.26 views

Amazon Linux: Security Advisory (ALAS-2014-295)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4CVSS6.7AI score0.05599EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/04/29 12:0 a.m.35 views

Fedora Update for curl FEDORA-2015-6712

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.3763EPSS
Exploits1References2
NVD
NVD
added 2015/04/24 2:59 p.m.25 views

CVE-2015-3143

cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015...

5CVSS7.6AI score0.16222EPSS
Exploits0References23
CVE
CVE
added 2015/04/24 2:0 p.m.164 views

CVE-2015-3143

The connected documents provide concrete details for CVE-2015-3143: in curl and libcurl, versions 7.10.6 through 7.41.0 failed to properly re-use NTLM connections, enabling a remote attacker to connect as another user via an unauthenticated request (NTLM/Negotiate authentication interaction). Thi...

5CVSS7.3AI score0.16222EPSS
Exploits0References23Affected Software1
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.35 views

Fedora Update for curl FEDORA-2014-16690

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.9AI score0.11118EPSS
Exploits3References2
Rows per page
Query Builder