Lucene search
K

49 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Exposure of Sensitive Information to an Unauthorized Actor (CVE-2020-8284)

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service...

4.3CVSS6.7AI score0.03851EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-27668

Malicious code in bioql PyPI...

6.5CVSS6.8AI score0.01002EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.57 views

Puppet Agent < 7.1.0 Vulnerability

On December 9, 2020, curl published security updates addressing CVE-2020-8284, CVE-2020-8285, and CVE-2020-8286. Previous releases of Puppet Agent contain a vulnerable version of curl. For more information about this vulnerability, refer to the security announcement. Note that Nessus has not test...

7.5CVSS6.4AI score0.09917EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2023/01/09 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1055)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.3AI score0.03851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/06 12:0 a.m.40 views

EulerOS Virtualization 3.0.2.6 : curl (EulerOS-SA-2023-1055)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and...

4.3CVSS6.4AI score0.03851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.37 views

NewStart CGSL MAIN 6.02 : curl Multiple Vulnerabilities (NS-SA-2022-0083)

The remote NewStart CGSL host, running version MAIN 6.02, has curl packages installed that are affected by multiple vulnerabilities: - Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. CVE-2020-8231 - A malicious server can use the FTP...

7.5CVSS6.8AI score0.09917EPSS
Exploits8References19
OpenVAS
OpenVAS
added 2022/10/10 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2491)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.03851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/05/26 12:0 a.m.30 views

EulerOS 2.0 SP3 : curl (EulerOS-SA-2022-1711)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this wa...

5.3CVSS6.5AI score0.04929EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/05/25 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1711)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.9AI score0.04929EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/05/09 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1688)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.03851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/05/07 12:0 a.m.28 views

EulerOS Virtualization 3.0.2.0 : curl (EulerOS-SA-2022-1688)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and...

4.3CVSS6.8AI score0.03851EPSS
Exploits0References2
ICS
ICS
added 2022/03/08 12:0 a.m.129 views

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

9.8CVSS8.4AI score0.21952EPSS
Exploits1References11
OpenVAS
OpenVAS
added 2022/03/02 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1265)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.03851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/03/01 12:0 a.m.30 views

EulerOS 2.0 SP5 : curl (EulerOS-SA-2022-1265)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this wa...

4.3CVSS6.8AI score0.03851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/28 12:0 a.m.44 views

F5 Networks BIG-IP : cURL vulnerability (K63525058)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K63525058 advisory. - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP...

4.3CVSS6.8AI score0.03851EPSS
Exploits0References2
Prion
Prion
added 2021/09/03 2:15 a.m.31 views

Code injection

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl...

4.3CVSS5.6AI score0.03851EPSS
Exploits0References4Affected Software2
Tenable Nessus
Tenable Nessus
added 2021/07/14 12:0 a.m.69 views

Juniper Junos OS Multiple Vulnerabilities (JSA11207)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA11207 advisory. - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially ma...

7.5CVSS6.9AI score0.09917EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2021/06/17 11:47 a.m.264 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update

Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of...

8.1CVSS6.8AI score0.60122EPSS
Exploits6References9
RedHat Linux
RedHat Linux
added 2021/06/17 11:35 a.m.98 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update

Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 8 zip release for RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

8.1CVSS6.8AI score0.60122EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2021/06/17 12:0 a.m.98 views

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 (RHSA-2021:2472)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2472 advisory. This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This...

8.1CVSS7AI score0.60122EPSS
Exploits6References17
Rows per page
Query Builder