Lucene search
K

29 matches found

OSV
OSV
added 2023/08/31 12:16 p.m.2 views

BELL-CVE-2018-16890 CVE-2018-16890 does not affect BellSoft software

Bulletin has no description...

7.5CVSS5.8AI score0.05351EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.3 views

SUSE CVE-2018-16890

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages lib/vauth/ntlm.c:ntlmdecodetype2target does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that...

3.1CVSS9.8AI score0.05351EPSS
Exploits0References29
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2019:0339-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.12771EPSS
Exploits2References9
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2019:0249-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.12771EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.98 views

CentOS 8 : curl (CESA-2019:3701)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3701 advisory. - curl: NTLM type-2 heap out-of-bounds buffer read CVE-2018-16890 - wget: Information exposure in setfilemetadata function in xattr.c CVE-2018-20483 -...

9.8CVSS6.7AI score0.12771EPSS
Exploits3References5
Oracle linux
Oracle linux
added 2019/11/14 12:0 a.m.46 views

curl security and bug fix update

7.61.1-11 - rebuild with updated annobin to prevent Execshield RPMDiff check from failing 7.61.1-10 - fix SMTP end-of-response out-of-bounds read CVE-2019-3823 - fix NTLMv2 type-3 header stack buffer overflow CVE-2019-3822 - fix NTLM type-2 out-of-bounds buffer read CVE-2018-16890 - xattr: strip...

9.8CVSS1.7AI score0.12771EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2019/11/06 12:0 a.m.39 views

RHEL 8 : curl (RHSA-2019:3701)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3701 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...

9.8CVSS6.9AI score0.12771EPSS
Exploits3References13
OpenVAS
OpenVAS
added 2019/06/10 12:0 a.m.38 views

Fedora Update for curl FEDORA-2019-697de0501f

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8AI score0.49739EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2019/02/15 12:0 a.m.32 views

openSUSE: Security Advisory for curl (openSUSE-SU-2019:0174-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.6AI score0.12771EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2019/02/15 12:0 a.m.35 views

openSUSE: Security Advisory for curl (openSUSE-SU-2019:0173-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.6AI score0.12771EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2019/02/15 12:0 a.m.76 views

openSUSE Security Update : curl (openSUSE-2019-173)

This update for curl fixes the following issues : Security issues fixed : - CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP bsc1123378. - CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message...

9.8CVSS6.6AI score0.12771EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2019/02/13 12:0 a.m.65 views

SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2019:0339-1)

This update for curl fixes the following issues : Security issues fixed : CVE-2019-3822: Fixed a NTLMv2 type-3 header stack-based buffer overflow bsc1123377. CVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response bsc1123378. CVE-2018-16890: Fixed an out-of-bounds buffer read in NT...

9.8CVSS7.2AI score0.12771EPSS
Exploits2References19
ArchLinux
ArchLinux
added 2019/02/12 12:0 a.m.34 views

[ASA-201902-12] lib32-libcurl-compat: arbitrary code execution

Arch Linux Security Advisory ASA-201902-12 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : lib32-libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-875...

9.8CVSS1.5AI score0.12771EPSS
Exploits2References10
ArchLinux
ArchLinux
added 2019/02/12 12:0 a.m.60 views

[ASA-201902-10] libcurl-gnutls: arbitrary code execution

Arch Linux Security Advisory ASA-201902-10 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-877 Summary...

9.8CVSS1.5AI score0.12771EPSS
Exploits2References10
ArchLinux
ArchLinux
added 2019/02/12 12:0 a.m.40 views

[ASA-201902-9] curl: arbitrary code execution

Arch Linux Security Advisory ASA-201902-9 ========================================= Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : curl Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-873 Summary ======= The...

9.8CVSS1.6AI score0.12771EPSS
Exploits2References10
ArchLinux
ArchLinux
added 2019/02/12 12:0 a.m.36 views

[ASA-201902-11] lib32-libcurl-gnutls: arbitrary code execution

Arch Linux Security Advisory ASA-201902-11 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : lib32-libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-876...

9.8CVSS1.5AI score0.12771EPSS
Exploits2References10
ArchLinux
ArchLinux
added 2019/02/12 12:0 a.m.128 views

[ASA-201902-13] lib32-curl: arbitrary code execution

Arch Linux Security Advisory ASA-201902-13 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : lib32-curl Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-874 Summary ======...

9.8CVSS1.5AI score0.12771EPSS
Exploits2References10
Debian
Debian
added 2019/02/11 3:43 p.m.197 views

[SECURITY] [DLA 1672-1] curl security update

Package : curl Version : 7.38.0-4+deb8u14 CVE IDs : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 It was discovered that there were three vulnerabilities in the curl command-line HTTP etc. client: CVE-2018-16890: A heap buffer out-of-bounds read vulnerability in the handling of NTLM type-2 messages...

9.8CVSS8.5AI score0.12771EPSS
Exploits2
ALT Linux
ALT Linux
added 2019/02/08 12:0 a.m.77 views

Security fix for the ALT Linux 8 package curl version 7.64.0-alt1

7.64.0-alt1 built Feb. 8, 2019 Anton Farygin in task 220788 Feb. 6, 2019 Anton Farygin - 7.64.0 - fixes: CVE-2018-16890: NTLM type-2 out-of-bounds buffer read CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow CVE-2019-3823: SMTP end-of-response out-of-bounds read...

7.5CVSS8.8AI score0.12771EPSS
Exploits2
OpenVAS
OpenVAS
added 2019/02/07 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-3882-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.12771EPSS
Exploits2References2
Rows per page
Query Builder