Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.36 views

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

10CVSS7AI score0.86006EPSS
Exploits0References89
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2017-0281)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.3AI score0.03958EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.72 views

Mageia: Security Advisory (MGASA-2018-0053)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.11175EPSS
Exploits0References21
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2017:2701-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.3AI score0.57595EPSS
Exploits32References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2017:2174-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.2AI score0.03958EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/02/07 12:0 a.m.58 views

Photon OS 2.0: Curl PHSA-2017-0045

An update of the curl package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0045. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121761;...

7.5CVSS6.8AI score0.08465EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/13 8:36 a.m.509 views

Moderate: Red Hat Security Advisory: httpd24 security, bug fix, and enhancement update

An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

10CVSS7AI score0.86006EPSS
Exploits0References49
Cloud Foundry
Cloud Foundry
added 2017/11/01 12:0 a.m.51 views

USN-3441-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute...

8.1CVSS7.8AI score0.08465EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/10/10 12:54 p.m.69 views

USN-3441-1: curl vulnerabilities

Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-9586...

8.1CVSS6.7AI score0.08465EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/10/09 12:0 a.m.40 views

Debian DSA-3992-1 : curl - security update

Several vulnerabilities have been discovered in cURL, an URL transfer library. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2017-1000100 Even Rouault reported that cURL does not properly handle long file names when doing an TFTP upload. A malicious...

7.5CVSS6.4AI score0.08465EPSS
Exploits0References12
Debian
Debian
added 2017/10/06 8:43 p.m.33 views

[SECURITY] [DSA 3992-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3992-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 06, 2017 https://www.debian.org/security/faq -...

5CVSS1.5AI score0.08465EPSS
Exploits0
Debian
Debian
added 2017/10/06 8:43 p.m.42 views

[SECURITY] [DSA 3992-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3992-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 06, 2017 https://www.debian.org/security/faq -...

7.5CVSS8AI score0.08465EPSS
Exploits0
Cvelist
Cvelist
added 2017/10/04 1:0 a.m.21 views

CVE-2017-1000101

curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a...

6.7AI score0.03875EPSS
Exploits0References7
CVE
CVE
added 2017/10/04 1:0 a.m.177 views

CVE-2017-1000101

CVE-2017-1000101 is supported by multiple sources in the Connected documents, which provide concrete technical details. The flaw exists in curl’s URL globbing logic for numerical ranges: the parsing omission can cause curl to read beyond the end of the URL, storing the URL in a heap-allocated buf...

6.5CVSS6.6AI score0.03875EPSS
Exploits0References7Affected Software1
AlpineLinux
AlpineLinux
added 2017/10/04 1:0 a.m.47 views

CVE-2017-1000101

curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a...

6.5CVSS7AI score0.03875EPSS
Exploits0
OSV
OSV
added 2017/10/04 12:0 a.m.5 views

UBUNTU-CVE-2017-1000101

curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a...

6.5CVSS6.9AI score0.03875EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2017/08/22 12:0 a.m.39 views

[ASA-201708-16] curl: information disclosure

Arch Linux Security Advisory ASA-201708-16 ========================================== Severity: Medium Date : 2017-08-22 CVE-ID : CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000101 Package : curl Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-370 Summary...

6.5CVSS7.4AI score0.03958EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2017/08/18 12:0 a.m.33 views

openSUSE Security Update : curl (openSUSE-2017-951)

This update for curl fixes the following issues : - CVE-2017-1000100: TFP sends more than buffer size and it could lead to a denial of service bsc1051644 - CVE-2017-1000101: URL globbing out of bounds read could lead to a denial of service bsc1051643 This update was imported from the...

6.5CVSS6.3AI score0.03958EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/08/17 12:0 a.m.42 views

SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2017:2174-1)

This update for curl fixes the following issues : - CVE-2017-1000100: TFP sends more than buffer size and it could lead to a denial of service bsc1051644 - CVE-2017-1000101: URL globbing out of bounds read could lead to a denial of service bsc1051643 Note that Tenable Network Security has extract...

6.5CVSS6.3AI score0.03958EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2017/08/14 12:0 a.m.37 views

Fedora 26 : curl (2017-f1ffd18079)

Security fixes for CVE-2017-1000100 and CVE-2017-1000101 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

6.5CVSS6.1AI score0.03958EPSS
Exploits0References4
Rows per page
Query Builder