Lucene search
K

36 matches found

Circl
Circl
added 2024/03/25 11:49 a.m.5 views

CVE-2014-3707

creationtimestamp| type| source ---|---|--- 2024-03-25 11:49:23+00:00| seen| https://t.me/ETHICALHACKERSCOMMUNITY2/3889 2024-03-25 14:38:09+00:00| seen| Telegram/HKj6TR4hMohrGsEUcNFDijNGdim3MCZhggfzha3EYtXw 2024-03-25 14:38:09+00:00| seen| https://t.me/tengkorakcybercrewz/4400 2024-03-25...

4.3CVSS7.1AI score0.05121EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:31 a.m.48 views

Security Bulletin: Vulnerabilities in curl affect Power Hardware Management Console (CVE-2015-3143 CVE-2015-3148 CVE-2015-3153 CVE-2014-3613 CVE-2014-3707 CVE-2014-8150)

Summary curl is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3143 DESCRIPTION: libcurl could allow a remote attacker from within the local network to bypass security restrictions, caused by the re-use of recently...

5CVSS8.7AI score0.17942EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2015:0083-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS9.7AI score0.0681EPSS
Exploits0References2
Veracode
Veracode
added 2019/05/02 5:40 a.m.36 views

CRLF Injection

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker...

5CVSS8.5AI score0.17942EPSS
Exploits0References39Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:30 a.m.37 views

Security Bulletin: Multiple vulnerabilities in curl affect PowerKVM

Summary PowerKVM is affected by several vulnerabilities in curl. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2014-3613 DESCRIPTION: cURL/libcURL could allow a remote attacker to bypass security restrictions, caused by the failure to properly detect and reject domain name...

5CVSS0.7AI score0.17942EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:30 p.m.38 views

Security Bulletin: Vulnerabilities in curl affect IBM Security Network Protection

Summary The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security vulnerabilities have been discovered in libcurl used with IBM Security Network Protection. Vulnerability Details CVEID:...

5CVSS0.7AI score0.17942EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2016/05/07 12:0 a.m.66 views

Juniper Networks Junos OS Multiple cURL and libcurl Vulnerabilities

Junos OS is prone to multiple vulnerabilities in cURL and libcurl. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"...

9CVSS7AI score0.3763EPSS
Exploits1References1
Cent OS
Cent OS
added 2015/11/30 7:26 p.m.80 views

curl, libcurl security update

CentOS Errata and Security Advisory CESA-2015:2159 Updated curl packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common...

5CVSS6.8AI score0.17942EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2015/11/20 12:0 a.m.41 views

RedHat Update for curl RHSA-2015:2159-06

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS9.9AI score0.17942EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2015/11/19 3:26 a.m.46 views

Moderate: Red Hat Security Advisory: curl security, bug fix, and enhancement update

Updated curl packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

5CVSS6.8AI score0.17942EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.42 views

Oracle: Security Advisory (ELSA-2015-1254)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS9.1AI score0.17942EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/08/04 12:0 a.m.43 views

Scientific Linux Security Update : curl on SL6.x i386/x86_64 (20150722)

It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issu...

5CVSS7.2AI score0.17942EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2015/07/31 12:0 a.m.37 views

OracleVM 3.3 : curl (OVMSA-2015-0107)

The remote OracleVM system is missing necessary patches to address critical security updates : - require credentials to match for NTLM re-use CVE-2015-3143 - close Negotiate connections when done CVE-2015-3148 - reject CRLFs in URLs passed to proxy CVE-2014-8150 - use only full matches for hosts...

6.4CVSS7.2AI score0.17942EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2015/07/20 1:50 p.m.54 views

Moderate: Red Hat Security Advisory: curl security, bug fix, and enhancement update

Updated curl packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

5CVSS6.8AI score0.17942EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.35 views

SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2015:0083-1)

This update fixes the following security issues - CVE-2014-8150: URL request injection vulnerability bnc911363 - CVE-2014-3707: duphandle read out of bounds bnc901924 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable...

4.3CVSS7.5AI score0.0681EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2015/05/05 12:0 a.m.44 views

Fedora Update for mingw-curl FEDORA-2015-6853

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.1AI score0.3763EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/04/29 12:0 a.m.33 views

Fedora Update for curl FEDORA-2015-6712

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.3763EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/02/11 12:0 a.m.28 views

openSUSE Security Update : curl (openSUSE-2015-125)

was updated to version 7.40.0 to fix two security issues. These security issues were fixed : - CVE-2014-8150: CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allowed remote attackers to inject arbitrary HTTP headers and conduct HTTP response...

4.3CVSS7.9AI score0.0681EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/02/02 12:0 a.m.43 views

SuSE 11.3 Security Update : curl (SAT Patch Number 10166)

This update fixes the following security issues : - URL request injection bnc911363 When libcurl sends a request to a server via a HTTP proxy, it copies the entire URL into the request and sends if off. CVE-2014-8150 If the given URL contains line feeds and carriage returns those will be sent alo...

5CVSS7.5AI score0.07432EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2015/01/05 12:0 a.m.42 views

Fedora 19 : curl-7.29.0-27.fc19 (2014-16690)

make CURLOPTLOWSPEEDLIMIT work again with threaded resolver 1172572 - allow to use TLS 1.1 and TLS 1.2 1153814 - disable libcurl-level downgrade to SSLv3 1166567 - low-speed-limit: avoid timeout flood 1166239 - fix handling of CURLOPTCOPYPOSTFIELDS in curleasyduphandle CVE-2014-3707 Note that...

4.3CVSS7.5AI score0.05121EPSS
Exploits0References3
Rows per page
Query Builder