Lucene search
K

35 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.8 views

Siemens RUGGEDCOM ROX, SIMATIC S7-1500 Improper Authentication (CVE-2022-22576)

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocol...

8.1CVSS6.7AI score0.01914EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/12 2:33 p.m.44 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details...

9.8CVSS9.9AI score0.3197EPSS
Exploits11Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.48 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in cURL libcurl (CVE-2022-22576).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass caused by improper authentication validation in cURL libcurl CVE-2022-22576. cURL libcurl is used as part of the base image included in our service components. Please read the...

8.1CVSS8AI score0.01914EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/12/19 12:0 a.m.19 views

Western Digital My Cloud Multiple Products 5.x < 5.25.124 Multiple Vulnerabilities (WDC-22019)

Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

9.8CVSS7.4AI score0.3197EPSS
Exploits14References2
Tenable Nessus
Tenable Nessus
added 2022/11/16 12:0 a.m.34 views

AlmaLinux 9 : curl (ALSA-2022:5245)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5245 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

8.1CVSS6.8AI score0.03425EPSS
Exploits4References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 6:2 p.m.38 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to bypassing access restrictions due to CVE-2022-22576

Summary cURL is used by IBM App Connect Enterprise Certified Container for internal communication and status checking. IBM App Connect Enterprise Certified Container operands may be vulnerable to bypassing access restrictions. This bulletin provides patch information to address the reported...

8.1CVSS8.1AI score0.01914EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.39 views

Amazon Linux 2022 : curl, curl-minimal, libcurl (ALAS2022-2022-065)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-065 advisory. A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials s...

8.1CVSS6.8AI score0.03425EPSS
Exploits8References17
Debian
Debian
added 2022/08/28 11:0 p.m.120 views

[SECURITY] [DLA 3085-1] curl security update

Debian LTS Advisory DLA-3085-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 29, 2022 https://wiki.debian.org/LTS Package : curl Version : 7.64.0-4+deb10u3 CVE ID : CVE-2021-22898 CVE-2021-22924 CVE-2021-22946 CVE-2021-22947 CVE-2022-22576 CVE-2022-27776...

8.1CVSS6.8AI score0.3197EPSS
Exploits10
OpenVAS
OpenVAS
added 2022/08/18 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2217)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.02596EPSS
Exploits3References2
Debian
Debian
added 2022/08/01 4:58 p.m.206 views

[SECURITY] [DSA 5197-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5197-1 [email protected] https://www.debian.org/security/ Markus Koschany August 01, 2022 https://www.debian.org/security/faq -...

9.8CVSS8.1AI score0.3197EPSS
Exploits15
OpenVAS
OpenVAS
added 2022/07/29 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2153)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.03425EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/07/14 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2087)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.03425EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/07/14 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2107)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.03425EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/07/08 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1961)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.03425EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.55 views

Rocky Linux 8 : curl (RLSA-2022:5313)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5313 advisory. - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections withou...

8.1CVSS6.9AI score0.03425EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.58 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2022-1961)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections...

8.1CVSS6.8AI score0.03425EPSS
Exploits4References5
Oracle linux
Oracle linux
added 2022/06/30 12:0 a.m.38 views

curl security update

7.76.1-14.el90.4 - fix too eager reuse of TLS and SSH connections CVE-2022-27782 7.76.1-14.el90.3 - fix leak of SRP credentials in redirects CVE-2022-27774 7.76.1-14.el90.2 - add missing tests to Makefile 7.76.1-14.el90.1 - fix credential leak on redirect CVE-2022-27774 - fix auth/cookie leak on...

8.1CVSS2AI score0.03425EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2022/06/30 12:0 a.m.58 views

Oracle Linux 8 : curl (ELSA-2022-5313)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5313 advisory. - fix too eager reuse of TLS and SSH connections CVE-2022-27782 - fix credential leak on redirect CVE-2022-27774 - fix auth/cookie leak on redirect...

8.1CVSS6.8AI score0.03425EPSS
Exploits4References5
OSV
OSV
added 2022/06/28 10:52 a.m.40 views

RLSA-2022:5313 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: OAUTH2 bearer bypass in connection re-use CVE-2022-22576 curl: credential leak on redirect CVE-2022-27774 curl:...

8.1CVSS7.5AI score0.03425EPSS
Exploits4References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/17 6:45 p.m.108 views

Security Bulletin: IBM QRadar WinCollect is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., third party libraries that may be identified and exploited with automated tools. IBM QRadar WinCollect for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-1434 DESCRIPTION: OpenSSL is vulnerable to a...

10CVSS8.8AI score0.83223EPSS
Exploits14Affected Software1
Rows per page
Query Builder