Lucene search
K

42 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.23 views

Photon OS 2.0: Curl PHSA-2019-2.0-0128

An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0128. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

10CVSS7.7AI score0.11115EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.36 views

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

10CVSS7AI score0.86006EPSS
Exploits0References89
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/07 10:45 p.m.44 views

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerability in cURL (CVE-2018-14618)

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerability in cURL. Vulnerability Details CVEID: CVE-2018-14618 DESCRIPTION: cURL libcurl is vulnerable to a buffer overflow, caused by an integer overflow flaw in the Curlntlmcoremknthash internal function in the NTLM...

10CVSS2.3AI score0.11115EPSS
Exploits0Affected Software2
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.9 views

Slackware: Security Advisory (SSA:2018-249-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.9AI score0.11115EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2018:2717-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.11115EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2018:2715-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.11115EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-1090)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.8AI score0.11115EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-1047)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.8AI score0.11115EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 1:58 p.m.42 views

Security Bulletin: Multiple Vulnerabilities in libCurl affects IBM Watson Studio Local

Summary Multiple Vulnerabilities in libCurl affects IBM Watson Studio Local Vulnerability Details CVEID: CVE-2019-5435 DESCRIPTION: An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1. CVSS Base score: 7.3 CVSS Temporal Score: See:...

10CVSS0.9AI score0.49739EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.29 views

Scientific Linux Security Update : curl on SL7.x x86_64 (20190729)

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes : - curl: NTLM password overflow via integer overflow CVE-2018-14618 For more details about the security issues, including t...

10CVSS7AI score0.11115EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.36 views

Oracle Linux 7 : curl (ELSA-2019-1880)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-1880 advisory. - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitive password comparison...

10CVSS7.3AI score0.11115EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2019/07/30 12:0 a.m.198 views

curl security and bug fix update

7.29.0-51.0.1.el76.3 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitive password comparison https://curl.haxx.se/docs/CVE-2016-8616.html - CVE-2016-8617 OOB write via unchecked...

10CVSS2.6AI score0.11115EPSS
Exploits0
Hacker One
Hacker One
added 2019/04/24 12:5 p.m.57 views

curl: An integer overflow found in /lib/urlapi.c

Summary: libcurl contains a heap-based buffer overrun in /lib/urlapi.c. A similiar issue to CVE-2018-14618. Steps To Reproduce: analysis I found a potential integer overflow which may lead to a buffer overrun in /curl/lib/urlapi.c. In function seturl, urllen was multiplied by 2 and then passed to...

10CVSS7.8AI score0.11115EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.23 views

openSUSE Security Update : curl (openSUSE-2019-694)

This update for curl fixes the following issues : This security issue was fixed : - CVE-2018-14618: Prevent integer overflow in the NTLM authentication code bsc1106019 This non-security issue was fixed : - Use OPENSSLconfig instead of CONFmodulesloadfile to avoid crashes due to openssl engines...

10CVSS7AI score0.11115EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/02/22 12:0 a.m.103 views

EulerOS 2.0 SP2 : curl (EulerOS-SA-2019-1047)

According to the version of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curlntlmcoremknthash multiplies t...

10CVSS7.1AI score0.11115EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.39 views

Fedora 28 : curl (2018-111044d435)

fix NTLM password overflow via integer overflow CVE-2018-14618 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

10CVSS6.9AI score0.11115EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.33 views

Fedora 29 : curl (2018-7f83032de6)

fix NTLM password overflow via integer overflow CVE-2018-14618 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

10CVSS6.9AI score0.11115EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.27 views

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2018:2714-1)

This update for curl fixes the following issues : This security issue was fixed : CVE-2018-14618: Prevent integer overflow in the NTLM authentication code bsc1106019 The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the...

10CVSS6.9AI score0.11115EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/12/20 12:0 a.m.97 views

Amazon Linux 2 : curl (ALAS-2018-1135)

curl is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curlntlmcoremknthash multiplies the length of the password by two SUM to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over...

10CVSS7.4AI score0.11115EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/11/13 8:36 a.m.509 views

Moderate: Red Hat Security Advisory: httpd24 security, bug fix, and enhancement update

An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

10CVSS7AI score0.86006EPSS
Exploits0References49
Rows per page
Query Builder