Lucene search
K

21 matches found

CBLMariner
CBLMariner
added 2024/04/17 10:2 p.m.36 views

CVE-2022-35260 affecting package tensorflow for versions less than 2.16.1-1

CVE-2022-35260 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...

6.5CVSS8.2AI score0.01761EPSS
Exploits1
Cloud Foundry
Cloud Foundry
added 2023/05/18 12:0 a.m.39 views

USN-5702-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform...

9.8CVSS9.3AI score0.04325EPSS
Exploits2Affected Software5
ICS
ICS
added 2023/05/09 12:0 a.m.45 views

Siemens SINEC NMS Third-Party

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

9.8CVSS8.7AI score0.04325EPSS
Exploits5References12
Tenable Nessus
Tenable Nessus
added 2023/01/24 12:0 a.m.83 views

macOS 13.x < 13.2 Multiple Vulnerabilities (HT213605)

The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.2. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3...

9.8CVSS7.1AI score0.04325EPSS
Exploits4References37
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.75 views

macOS 12.x < 12.6.3 Multiple Vulnerabilities (HT213604)

The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6.3. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur...

9.8CVSS8AI score0.04325EPSS
Exploits3References22
Apple
Apple
added 2023/01/23 12:0 a.m.154 views

About the security content of macOS Ventura 13.2

About the security content of macOS Ventura 13.2 This document describes the security content of macOS Ventura 13.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...

9.8CVSS9.8AI score0.04325EPSS
Exploits4References1Affected Software1
OpenVAS
OpenVAS
added 2023/01/19 12:0 a.m.25 views

Oracle MySQL Server <= 5.7.40, 8.x <= 8.0.31 Security Update (cpujan2023) - Linux

Oracle MySQL Server is prone to a vulnerability in libcurl. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

9.8CVSS5.9AI score0.04325EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2023/01/19 12:0 a.m.32 views

Oracle MySQL Server <= 5.7.40, 8.x <= 8.0.31 Security Update (cpujan2023) - Windows

Oracle MySQL Server is prone to a vulnerability in libcurl. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

9.8CVSS5.9AI score0.04325EPSS
Exploits2References2
OSV
OSV
added 2022/12/05 10:15 p.m.4 views

DEBIAN-CVE-2022-35260

curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...

6.5CVSS7.2AI score0.01761EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/12/05 10:15 p.m.2 views

CVE-2022-35260

curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...

6.5CVSS5.8AI score0.01761EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2022/12/05 12:0 a.m.14 views

CVE-2022-35260

curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...

6.9AI score0.01761EPSS
Exploits1References7
OSV
OSV
added 2022/12/05 12:0 a.m.52 views

CVE-2022-35260

curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...

6.5CVSS2AI score0.01761EPSS
Exploits1References9
CVE
CVE
added 2022/12/05 12:0 a.m.302 views

CVE-2022-35260

CVE-2022-35260 affects curl. When curl parses a .netrc file for credentials, if the file ends with a line of 4095 consecutive non-whitespace characters and no newline, curl could read past the end of a stack-based buffer and, if the read succeeds, write a zero byte beyond its boundary, causing a ...

6.5CVSS7.5AI score0.01761EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2022/12/05 12:0 a.m.68 views

CVE-2022-35260

curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...

6.5CVSS6.8AI score0.01761EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2022/12/05 12:0 a.m.78 views

CVE-2022-35260

curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...

6.5CVSS8AI score0.01761EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/11/11 12:0 a.m.29 views

Fedora: Security Advisory for curl (FEDORA-2022-39688a779d)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.5AI score0.04325EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2022/10/31 12:0 a.m.37 views

Fedora: Security Advisory for curl (FEDORA-2022-01ffde372c)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.5AI score0.04325EPSS
Exploits2References2
Hacker One
Hacker One
added 2022/10/27 3:19 p.m.68 views

Internet Bug Bounty: CVE-2022-35260: .netrc parser out-of-bounds access

Original Report:https://hackerone.com/reports/1721098 Impact If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service...

4.3CVSS7.7AI score0.01761EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/10/27 12:0 a.m.30 views

Slackware: Security Advisory (SSA:2022-299-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.04325EPSS
Exploits2References6
Ubuntu
Ubuntu
added 2022/10/26 5:28 p.m.74 views

USN-5702-1: curl vulnerabilities

Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform incorrect memory operations, or crash. CVE-2022-32221 Hiroki Kurosawa discovered that curl incorrectly handled parsin...

9.8CVSS7.6AI score0.04325EPSS
Exploits2
Rows per page
Query Builder