Lucene search
K

27 matches found

ICS
ICS
added 2022/03/08 12:0 a.m.128 views

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

9.8CVSS8.4AI score0.21952EPSS
Exploits1References11
CBLMariner
CBLMariner
added 2021/08/11 6:39 a.m.29 views

CVE-2020-8169 affecting package curl 7.68.0-5

CVE-2020-8169 affecting package curl 7.68.0-5. An upgraded version of the package is available that resolves this issue...

7.5CVSS9.8AI score0.03427EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2021/06/17 11:47 a.m.264 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update

Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of...

8.1CVSS6.8AI score0.60122EPSS
Exploits6References9
RedHat Linux
RedHat Linux
added 2021/06/17 11:35 a.m.98 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update

Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 8 zip release for RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

8.1CVSS6.8AI score0.60122EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2021/06/17 12:0 a.m.98 views

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 (RHSA-2021:2472)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2472 advisory. This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This...

8.1CVSS7AI score0.60122EPSS
Exploits6References17
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2020:1733-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.03427EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/03/12 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1596)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8AI score0.09917EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.44 views

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-1596)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vulnerability Summary for CVE-2020-8169CVE-2020-8169 - Vulnerability Summary for CVE-2020-8177CVE-2020-8177 - Expired pointer...

7.8CVSS6.9AI score0.09917EPSS
Exploits5References6
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/26 1:18 p.m.40 views

Security Bulletin: IBM Cloud Private is vulnerable to cURL vulnerabilities (CVE-2020-8169, CVE-2020-8177)

Summary IBM Cloud Private is vulnerable to cURL vulnerabilities Vulnerability Details CVEID: CVE-2020-8169 DESCRIPTION: cURL libcurl could allow a remote attacker to obtain sensitive information, caused by the failure to correctly URL encode the credential data when set using an curleasysetopt...

7.8CVSS0.4AI score0.03427EPSS
Exploits2Affected Software1
NVD
NVD
added 2020/12/14 8:15 p.m.23 views

CVE-2020-8169

curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS servers...

7.5CVSS7.2AI score0.03427EPSS
Exploits1References5
OSV
OSV
added 2020/12/14 8:15 p.m.33 views

CVE-2020-8169

curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS servers...

7.5CVSS6.2AI score0.03427EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2020/12/14 7:41 p.m.35 views

CVE-2020-8169

curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS servers...

7.5CVSS7.3AI score0.03427EPSS
Exploits1
CVE
CVE
added 2020/12/14 7:41 p.m.393 views

CVE-2020-8169

CVE-2020-8169 affects curl/libcurl 7.62.0–7.70.0. Root cause: libcurl could be tricked into prepending part of a password to the host name before DNS resolution, potentially leaking a partial password over the network and to DNS servers. Impact: information disclosure of partial credentials. Affe...

7.5CVSS7AI score0.03427EPSS
Exploits1References5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/11 6:3 p.m.48 views

Security Bulletin: cURL vulnerabilities CVE-2020-8169 CVE-2020-8177 impact IBM Aspera High-Speed Transfer Server 3.9.6.2 and earlier and Aspera High-Speed Transfer Endpoint 3.9.6.2 and earlier

Summary Security Bulletin: cURL vulnerabilities CVE-2020-8169 CVE-2020-8177 impact IBM Aspera High-Speed Transfer Server 3.9.6.2 and earlier and Aspera High-Speed Transfer Endpoint 3.9.6.2 and earlier. The fix was delivered in IBM Aspera High-Speed Transfer Server 4.0.0 and Aspera High-Speed...

7.8CVSS1.3AI score0.03427EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/08 6:50 p.m.30 views

Security Bulletin: cURL vulnerabilities CVE-2020-8169 CVE-2020-8177 impact IBM Aspera Streaming/IBM Aspera Streaming for Video version 3.9.6.1 and earlier

Summary cURL vulnerabilities CVE-2020-8169 CVE-2020-8177 impact IBM Aspera Streaming/IBM Aspera Streaming for Video version 3.9.6.1 and earlier. The fix for this set of vulnerabilities was delivered in IBM Aspera High-Speed Transfer Server V4.0.0 and IBM Aspera High-Speed Transfer Endpoint V4.0.0...

7.8CVSS1.6AI score0.03427EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/08/06 12:0 a.m.27 views

Fedora 32 : mingw-curl (2020-ad05132742)

Major update includes security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...

7.8CVSS6.7AI score0.03427EPSS
Exploits2References3
Cloud Foundry
Cloud Foundry
added 2020/07/22 12:0 a.m.50 views

USN-4402-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Marek Szlagor, Gregory Jefferis and Jeroen Ooms discovered that curl incorrectly handled certain credentials. An attacker could possibly use this issue to...

7.8CVSS7.7AI score0.03427EPSS
Exploits2Affected Software2
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.37 views

openSUSE Security Update : curl (openSUSE-2020-883)

This update for curl fixes the following issues : - CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option bsc1173027. - CVE-2020-8169: Fixed an issue where could have led to partial password leak over DNS on HTTP...

7.8CVSS6.6AI score0.03427EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2020/07/17 12:0 a.m.92 views

PHP 7.2.x < 7.2.32 / 7.3.x < 7.3.20 / 7.4.x < 7.4.8 Information Disclosure

According to its self-reported version number, the version of PHP running on the remote Windows web server is 7.2.x prior to 7.2.32, 7.3.x prior to 7.3.20 or 7.4.x prior to 7.4.8. It is, therefore, affected by an information disclosure vulnerability. The libcurl library can be tricked to prepend ...

7.5CVSS6.9AI score0.03427EPSS
Exploits1References5
Mageia
Mageia
added 2020/07/05 7:48 p.m.47 views

Updated curl packages fix security vulnerability

Updated curl packages fix security vulnerabilities: libcurl can be tricked to prepend a part of the password to the host name before it resolves it, potentially leaking the partial password over the network and to the DNS servers CVE-2020-8169. curl can be tricked by a malicious server to overwri...

7.8CVSS1.9AI score0.03427EPSS
Exploits2References4
Rows per page
Query Builder