Lucene search
K

37 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.57 views

Puppet Agent < 7.1.0 Vulnerability

On December 9, 2020, curl published security updates addressing CVE-2020-8284, CVE-2020-8285, and CVE-2020-8286. Previous releases of Puppet Agent contain a vulnerable version of curl. For more information about this vulnerability, refer to the security announcement. Note that Nessus has not test...

7.5CVSS6.4AI score0.09917EPSS
Exploits2References5
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.88 views

K15402727: cURL vulnerability CVE-2020-8286

Security Advisory Description curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. CVE-2020-8286 Impact An attacker could provide a forged OCSP response to the F5 product that has made the request with curl...

7.5CVSS6.9AI score0.04575EPSS
Exploits1Affected Software16
ICS
ICS
added 2022/03/08 12:0 a.m.127 views

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

9.8CVSS8.4AI score0.21952EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2021/10/28 12:0 a.m.74 views

F5 Networks BIG-IP : cURL vulnerability (K15402727)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K15402727 advisory. curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient...

7.5CVSS6.8AI score0.04575EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/07/14 12:0 a.m.69 views

Juniper Junos OS Multiple Vulnerabilities (JSA11207)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA11207 advisory. - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially ma...

7.5CVSS6.9AI score0.09917EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2021/06/17 11:47 a.m.264 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update

Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of...

8.1CVSS6.8AI score0.60122EPSS
Exploits6References9
RedHat Linux
RedHat Linux
added 2021/06/17 11:35 a.m.98 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update

Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 8 zip release for RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

8.1CVSS6.8AI score0.60122EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2021/06/17 12:0 a.m.98 views

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 (RHSA-2021:2472)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2472 advisory. This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This...

8.1CVSS7AI score0.60122EPSS
Exploits6References17
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2021:1786-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.09917EPSS
Exploits5References10
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/04 4:40 p.m.49 views

Security Bulletin: cURL libcurl vulnerabilites impacting Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint 4.0 and earlier (CVE-2020-8284, CVE-2020-8286, CVE-2020-8285)

Summary The cURL libcurl vulnerabilities CVE-2020-8284, CVE-2020-8286 and CVE-2020-8285 impacts Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint 4.0.0 and earlier. The fix is delivered in Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint 4.1.0...

7.5CVSS0.9AI score0.09917EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/04 1:9 a.m.66 views

Security Bulletin: cURL libcurl vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, Aspera Desktop Client 4.0 and earlier (CVE-2020-8284, CVE-2020-8286, CVE-2020-8285)

Summary The cURL libcurl vulnerabilities CVE-2020-8284, CVE-2020-8286 and CVE-2020-8285 impacts Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, and Aspera Desktop Client 4.0.0 and earlier. The fix is delivered in Aspera High-Speed Transfer Server, Aspera High-Speed Transfe...

7.5CVSS1.1AI score0.09917EPSS
Exploits2Affected Software3
Tenable Nessus
Tenable Nessus
added 2021/06/01 12:0 a.m.44 views

SUSE SLES12 Security Update : curl (SUSE-SU-2021:1786-1)

This update for curl fixes the following issues: CVE-2021-22898: TELNET stack contents disclosure bsc1186114 CVE-2021-22876: The automatic referer leaks credentials bsc1183933 CVE-2020-8286: Inferior OCSP verification bsc1179593 CVE-2020-8285: FTP wildcard stack overflow bsc1179399 CVE-2020-8284:...

7.5CVSS6.4AI score0.09917EPSS
Exploits5References20
OSV
OSV
added 2021/05/27 2:45 p.m.5 views

SUSE-SU-2021:1786-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22898: TELNET stack contents disclosure bsc1186114 - CVE-2021-22876: The automatic referer leaks credentials bsc1183933 - CVE-2020-8286: Inferior OCSP verification bsc1179593 - CVE-2020-8285: FTP wildcard stack overflow bsc1179399 -...

7.5CVSS6.2AI score0.09917EPSS
Exploits5References14
Oracle linux
Oracle linux
added 2021/05/25 12:0 a.m.85 views

curl security and bug fix update

7.61.1-18 - http: send payload when proxy authentication is done 1918692 - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284 7.61.1-17 - validate an ssl connection using an intermediate certificate...

7.5CVSS0.9AI score0.09917EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2021/05/18 3:28 p.m.52 views

Moderate: Red Hat Security Advisory: curl security and bug fix update

An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.5CVSS6.7AI score0.09917EPSS
Exploits3References9
OSV
OSV
added 2021/05/18 5:39 a.m.37 views

RLSA-2021:1610 Moderate: curl security and bug fix update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: FTP PASV command response can cause curl to connect to arbitrary host CVE-2020-8284 curl: Malicious FTP server can...

7.4CVSS7.4AI score0.09917EPSS
Exploits3References8
OpenVAS
OpenVAS
added 2021/03/12 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1596)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8AI score0.09917EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.44 views

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-1596)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vulnerability Summary for CVE-2020-8169CVE-2020-8169 - Vulnerability Summary for CVE-2020-8177CVE-2020-8177 - Expired pointer...

7.8CVSS6.9AI score0.09917EPSS
Exploits5References6
OpenVAS
OpenVAS
added 2021/01/08 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1003)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.09917EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2021/01/04 12:0 a.m.35 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2021-1022)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match...

7.5CVSS6.8AI score0.09917EPSS
Exploits2References3
Rows per page
Query Builder