Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.2 views

Siemens SIMATIC S7-1500 Double Free (CVE-2021-22945)

When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again. This plugin only works with Tenable.ot. Please visit...

9.1CVSS6.6AI score0.06216EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2022/12/19 12:0 a.m.19 views

Western Digital My Cloud Multiple Products 5.x < 5.25.124 Multiple Vulnerabilities (WDC-22019)

Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

9.8CVSS7.4AI score0.3197EPSS
Exploits14References2
Debian
Debian
added 2022/08/01 4:58 p.m.199 views

[SECURITY] [DSA 5197-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5197-1 [email protected] https://www.debian.org/security/ Markus Koschany August 01, 2022 https://www.debian.org/security/faq -...

9.8CVSS8.1AI score0.3197EPSS
Exploits15
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.20 views

Slackware: Security Advisory (SSA:2021-258-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.1AI score0.06216EPSS
Exploits3References2
CBLMariner
CBLMariner
added 2022/04/09 6:51 a.m.17 views

CVE-2021-22945 affecting package curl for versions less than 7.82.0-1

CVE-2021-22945 affecting package curl for versions less than 7.82.0-1. An upgraded version of the package is available that resolves this issue...

9.1CVSS8.5AI score0.06216EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/12/10 12:0 a.m.51 views

Amazon Linux 2 : curl (ALAS-2021-1724)

The version of curl installed on the remote host is prior to 7.79.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1724 advisory. A flaw was found in libcurl. When sending data to an MQTT server could in some situations lead to libcurl using already free...

9.1CVSS6.7AI score0.06216EPSS
Exploits3References7
OpenVAS
OpenVAS
added 2021/10/22 12:0 a.m.31 views

Oracle MySQL Server <= 5.7.35 / 8.0 <= 8.0.26 Security Update (cpuoct2021) - Linux

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

9.8CVSS7.4AI score0.87816EPSS
Exploits9References2
CBLMariner
CBLMariner
added 2021/10/05 3:0 a.m.14 views

CVE-2021-22945 affecting package curl 7.76.0-9

CVE-2021-22945 affecting package curl 7.76.0-9. A patched version of the package is available...

9.1CVSS9.8AI score0.06216EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/04 3:52 p.m.63 views

Security Bulletin: The Community Edition of IBM ILOG CPLEX Optimization Studio is affected by a vulnerability in libcurl (CVE-2021-22945)

Summary The Community Edition of IBM ILOG CPLEX Optimization Studio on Windows platform only has addressed the following vulnerability: libcurl is vulnerable to a denial of service. Vulnerability Details CVEID: CVE-2021-22945 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused ...

9.1CVSS1.1AI score0.06216EPSS
Exploits1Affected Software1
NVD
NVD
added 2021/09/23 1:15 p.m.20 views

CVE-2021-22945

When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...

9.1CVSS0.06216EPSS
Exploits1References10
OSV
OSV
added 2021/09/23 1:15 p.m.32 views

CVE-2021-22945

When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...

9.1CVSS2.3AI score0.06216EPSS
Exploits1References10
OSV
OSV
added 2021/09/23 4:49 a.m.9 views

MGASA-2021-0438 Updated curl packages fix security vulnerability

UAF and double-free in MQTT sending. CVE-2021-22945 Protocol downgrade required TLS bypassed. CVE-2021-22946 STARTTLS protocol injection via MITM. CVE-2021-22947...

9.1CVSS6.9AI score0.06216EPSS
Exploits3References7
Vulnrichment
Vulnrichment
added 2021/09/23 12:0 a.m.4 views

CVE-2021-22945

When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...

8.3AI score0.06216EPSS
Exploits1References10
Cvelist
Cvelist
added 2021/09/23 12:0 a.m.40 views

CVE-2021-22945

When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...

9.3AI score0.06216EPSS
Exploits1References10
CVE
CVE
added 2021/09/23 12:0 a.m.343 views

CVE-2021-22945

Summary: CVE-2021-22945 affects libcurl/curl when sending data to an MQTT server, where in some cases a pointer to freed memory could be reused and freed again. This is a memory-use-after-free/double-free issue in libcurl. What is affected: libcurl/curl (MQTT data transmission scenarios) with vul...

9.1CVSS8.9AI score0.06216EPSS
Exploits1References10Affected Software1
OpenVAS
OpenVAS
added 2021/09/22 12:0 a.m.30 views

Fedora: Security Advisory for curl (FEDORA-2021-c5584b92d4)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS6.8AI score0.0627EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2021/09/21 12:0 a.m.323 views

Photon OS 3.0: Curl PHSA-2021-3.0-0301

An update of the curl package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0301. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc...

9.1CVSS7AI score0.06216EPSS
Exploits3References4
NCSC
NCSC
added 2021/09/16 12:0 a.m.3 views

Vulnerabilities fixed in curl

Vulnerabilities have been fixed in curl. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Updates have been released to fix the vulnerabilities. More...

9.1CVSS7.1AI score0.06216EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2021/09/16 12:0 a.m.62 views

Slackware Linux 14.0 / 14.1 / 14.2 / current curl Multiple Vulnerabilities (SSA:2021-258-01)

The version of curl installed on the remote host is prior to 7.79.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2021-258-01 advisory. - When curl = 7.20.0 and = 7.20.0 and = 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP...

9.1CVSS6.8AI score0.06216EPSS
Exploits3References3
Ubuntu
Ubuntu
added 2021/09/15 11:11 a.m.162 views

USN-5079-1: curl vulnerabilities

It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-22945 Patrick Monnerat discovered that curl incorrectly handled...

9.1CVSS6.9AI score0.06216EPSS
Exploits3
Rows per page
Query Builder