Lucene search
K

45 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Use After Free (CVE-2020-8231)

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

7.5CVSS6.7AI score0.03721EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.37 views

Puppet Enterprise < 2018.1.17 / 2019.x < 2019.8.3 Curl Vulnerability

Previous releases of Puppet Enterprise contain a vulnerable version of curl. For more information about this vulnerability, refer to the security announcement for CVE-2020-8231. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

7.5CVSS6.7AI score0.03721EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.37 views

NewStart CGSL MAIN 6.02 : curl Multiple Vulnerabilities (NS-SA-2022-0083)

The remote NewStart CGSL host, running version MAIN 6.02, has curl packages installed that are affected by multiple vulnerabilities: - Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. CVE-2020-8231 - A malicious server can use the FTP...

7.5CVSS6.8AI score0.09917EPSS
Exploits8References19
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.10 views

Slackware: Security Advisory (SSA:2020-232-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.03721EPSS
Exploits1References3
ICS
ICS
added 2022/03/08 12:0 a.m.128 views

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

9.8CVSS8.4AI score0.21952EPSS
Exploits1References11
OpenVAS
OpenVAS
added 2021/07/07 12:0 a.m.8 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2101)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.04385EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2021/07/06 12:0 a.m.81 views

EulerOS Virtualization 3.0.2.2 : curl (EulerOS-SA-2021-2132)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.CVE-2020-8231 - curl...

7.8CVSS6.8AI score0.09917EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.23 views

SUSE SLES11 Security Update : curl (SUSE-SU-2020:14481-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2020:14481-1 advisory. - Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. CVE-2020-8231 Note that Nessus has n...

7.5CVSS6.7AI score0.03721EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2020:14481-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.03721EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2021:1786-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.09917EPSS
Exploits5References10
Tenable Nessus
Tenable Nessus
added 2021/06/01 12:0 a.m.44 views

SUSE SLES12 Security Update : curl (SUSE-SU-2021:1786-1)

This update for curl fixes the following issues: CVE-2021-22898: TELNET stack contents disclosure bsc1186114 CVE-2021-22876: The automatic referer leaks credentials bsc1183933 CVE-2020-8286: Inferior OCSP verification bsc1179593 CVE-2020-8285: FTP wildcard stack overflow bsc1179399 CVE-2020-8284:...

7.5CVSS6.4AI score0.09917EPSS
Exploits5References20
Oracle linux
Oracle linux
added 2021/05/25 12:0 a.m.85 views

curl security and bug fix update

7.61.1-18 - http: send payload when proxy authentication is done 1918692 - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284 7.61.1-17 - validate an ssl connection using an intermediate certificate...

7.5CVSS0.9AI score0.09917EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2021/05/18 3:28 p.m.52 views

Moderate: Red Hat Security Advisory: curl security and bug fix update

An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.5CVSS6.7AI score0.09917EPSS
Exploits3References9
OSV
OSV
added 2021/05/18 5:39 a.m.38 views

RLSA-2021:1610 Moderate: curl security and bug fix update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: FTP PASV command response can cause curl to connect to arbitrary host CVE-2020-8284 curl: Malicious FTP server can...

7.4CVSS7.4AI score0.09917EPSS
Exploits3References8
OpenVAS
OpenVAS
added 2021/03/12 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1596)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8AI score0.09917EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.44 views

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-1596)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vulnerability Summary for CVE-2020-8169CVE-2020-8169 - Vulnerability Summary for CVE-2020-8177CVE-2020-8177 - Expired pointer...

7.8CVSS6.9AI score0.09917EPSS
Exploits5References6
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/04 11:53 p.m.39 views

Security Bulletin: Watson Machine Learning Community Edition docker containers have been updated to fix a security issue in libcurl

Summary Watson Machine Learning Community Edition docker containers have been updated to fix a security issue in libcurl. Users should repull the docker containers from dockerhub.com or issue an in-container update. Vulnerability Details CVEID: CVE-2020-8231 DESCRIPTION: cURL libcurl could allow ...

7.5CVSS0.9AI score0.03721EPSS
Exploits1Affected Software1
CBLMariner
CBLMariner
added 2021/01/11 9:49 p.m.16 views

CVE-2020-8231 affecting package curl 7.68.0-5

CVE-2020-8231 affecting package curl 7.68.0-5. A patched version of the package is available...

7.5CVSS9.9AI score0.03721EPSS
Exploits1
CVE
CVE
added 2020/12/14 7:39 p.m.416 views

CVE-2020-8231

CVE-2020-8231 affects libcurl/curl: a dangling pointer could cause the library to use the wrong connection when CURLOPT_CONNECT_ONLY is set, potentially leading to information leaks. Public references in the provided connected docs show affected curl/libcurl versions ranging from 7.29.0 through 7...

7.5CVSS7.5AI score0.03721EPSS
Exploits1References8Affected Software1
Debian CVE
Debian CVE
added 2020/12/14 7:39 p.m.39 views

CVE-2020-8231

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data...

7.5CVSS6.7AI score0.03721EPSS
Exploits1
Rows per page
Query Builder