Lucene search
K

27 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:32 a.m.4 views

SUSE CVE-2014-0139

cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name CN field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certifica...

5.8CVSS6.8AI score0.04888EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/23 5:14 p.m.68 views

Security Bulletin: Network Intrusion Prevention System is affected by curl and php5 vulnerabilities (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139, CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)

Summary Security vulnerabilities have been discovered in curl and php5 that are used in IBM Security Network Intrusion Prevention System. Vulnerability Details CVE-ID: CVE-2013-2174 DESCRIPTION: cURL/libcURL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the...

7.5CVSS8.5AI score0.35635EPSS
Exploits14Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2015-0165)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS6.8AI score0.04888EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2014-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS8.5AI score0.05599EPSS
Exploits1References7
Rosalinux
Rosalinux
added 2021/07/02 4:36 p.m.55 views

Advisory ROSA-SA-2021-1818

Software: curl 7.29.0 OS: Cobalt 7.9 CVE-ID: CVE-2013-4545 CVE-Crit: CRITICAL CVE-DESC: cURL and libcurl from 7.18.0 through 7.32.0 when built with OpenSSL disables validation of CN and SAN certificate name fields CURLOPTSSLVERIFYHOST when digital signature validation CURLOPTSSLVERIFYPEER is...

9.8CVSS9.8AI score0.09327EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2014:0691-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS9.6AI score0.0508EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/06/16 12:0 a.m.45 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2020-1626)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.06377EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.45 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-1172)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.08031EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:35 a.m.35 views

Security Bulletin: Vulnerabilities in cURL affect System x Integrated Management Module (IMM) (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139)

Summary Several cURL vulnerabilities were disclosed. This bulletin addresses these cURL vulnerabilities that affect IMM. Vulnerability Details Abstract Several cURL vulnerabilities were disclosed. This bulletin addresses these cURL vulnerabilities that affect IMM. Content Vulnerability Details:...

6.8CVSS0.6AI score0.11118EPSS
Exploits3
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:25 a.m.36 views

Security Bulletin: IBM ToolsCenter is affected by several cURL potential vulnerabilities (CVE-2014-0015, CVE-2014-0139, CVE-2014-0138, CVE-2014-2522)

Summary Security vulnerabilities have been discovered in cURL that were reported in January and March of 2014 by the cURL project. Vulnerability Details Abstract Security vulnerabilities have been discovered in cURL that were reported in January and March of 2014 by the cURL project. Content...

6.4CVSS0.9AI score0.05599EPSS
Exploits2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.24 views

Gentoo Security Advisory GLSA 201406-21

Gentoo Linux Local Security Checks GLSA 201406-21 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

6.4CVSS6.7AI score0.0508EPSS
Exploits0References1
OSV
OSV
added 2015/04/23 9:14 p.m.7 views

MGASA-2015-0165 Updated lftp packages fix CVE-2014-0139

Updated lftp packages fix security vulnerability: lftp incorrectly validates wildcard SSL certificates containing literal IP addresses, so under certain conditions, it would allow and use a wildcard match specified in the CN field, allowing a malicious server to participate in a MITM attack or ju...

5.8CVSS6.4AI score0.04888EPSS
Exploits0References4
Mageia
Mageia
added 2015/04/23 9:14 p.m.46 views

Updated lftp packages fix CVE-2014-0139

Updated lftp packages fix security vulnerability: lftp incorrectly validates wildcard SSL certificates containing literal IP addresses, so under certain conditions, it would allow and use a wildcard match specified in the CN field, allowing a malicious server to participate in a MITM attack or ju...

5.8CVSS6.4AI score0.04888EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2014/06/17 12:0 a.m.34 views

Fedora Update for mingw-curl FEDORA-2014-6921

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS7.8AI score0.04888EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/06/17 12:0 a.m.29 views

Fedora Update for mingw-curl FEDORA-2014-6912

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS7.8AI score0.04888EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.34 views

openSUSE Security Update : curl (openSUSE-SU-2014:0598-1)

This curl update fixes two security issues : - bnc868627: Fixed wrong re-use of connections CVE-2014-0138. - bnc868629: Fixed IP address wildcard certificate validation CVE-2014-0139. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

6.4CVSS6.2AI score0.0508EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/06/10 12:0 a.m.45 views

Fedora 20 : mingw-curl-7.37.0-1.fc20 (2014-6912)

Update to 7.37.0 - Fixes CVE-2014-0138 and CVE-2014-0139 RHBZ 1080880 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

6.4CVSS6.3AI score0.0508EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/06/10 12:0 a.m.32 views

Fedora 19 : mingw-curl-7.37.0-1.fc19 (2014-6921)

Update to 7.37.0 - Fixes CVE-2014-0138 and CVE-2014-0139 RHBZ 1080880 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

6.4CVSS6.3AI score0.0508EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/05/21 12:0 a.m.53 views

SuSE 11.3 Security Update : curl (SAT Patch Number 9133)

This curl update fixes the following security issues : - wrong re-use of connections. CVE-2014-0138. bnc868627 - IP address wildcard certificate validation. CVE-2014-0139. bnc868629 - --insecure option inappropriately enforcing security safeguard. bnc870444 %NASLMINLEVEL 70300 C Tenable Network...

6.4CVSS6.2AI score0.0508EPSS
Exploits0References7
OSV
OSV
added 2014/04/15 3:50 p.m.8 views

SUSE-SU-2015:0962-1 Security update for curl

This curl update fixes the following security issues: bnc868627: wrong re-use of connections CVE-2014-0138. bnc868629: IP address wildcard certificate validation CVE-2014-0139. bnc870444: --insecure option inappropriately enforcing security safeguard. Security Issue references: CVE-2014-0138...

6.8CVSS5.7AI score0.17942EPSS
Exploits3References19
Rows per page
Query Builder