90 matches found
MiracleLinux 9 : curl-7.76.1-23.el9.4 (AXSA:2023-6515:13)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6515:13 advisory. curl: a heap-based buffer overflow in the SOCKS5 proxy handshake CVE-2023-38545 curl: cookie injection with none file CVE-2023-38546 Tenable has...
Siemens SIMATIC S7-1500 Heap-based Buffer Overflow (CVE-2023-38545)
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the hostname to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that hostname can be is 255 bytes. If the hostname ...
NewStart CGSL MAIN 7.02 : curl Multiple Vulnerabilities (NS-SA-2025-0111)
The remote NewStart CGSL host, running version MAIN 7.02, has curl packages installed that are affected by multiple vulnerabilities: - CVE-2023-38546 is a cookie injection vulnerability in the curleasyduphandle, a function in libcurl that duplicates easy handles. When duplicating an easy handle, ...
libcurl SOCKS5 Heap Buffer Overflow Vulnerability (Oct 2023)
libcurl is prone to a heap buffer overflow vulnerability in the SOCKS5 proxy handshake. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
TencentOS Server 4: curl (TSSA-2024:0354)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0354 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 4: curl (TSSA-2023:0330)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0330 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
KLA73894 Multiple vulnerabilities in TeamViewer
Remote code execution vulnerability was found in TeamViewer. Malicious users can exploit this vulnerability to execute arbitrary code, bypass security restrictions. Original advisories Hotfix for curl and libcurl vulnerability Exploitation Public exploits exist for this vulnerability. Malware...
Oracle MySQL Cluster 8.0.x < 8.0.35 (Oct 2023 / Jul 2024 CPU)
The versions of MySQL Cluster installed on the remote host are affected by a vulnerability as referenced in the October 2023 / July 2024 CPU advisory. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General Kerberos. Supported versions that are affected are 8.0.34...
Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management
Summary IBM Storage Copy Data Management can be affected by vulnerabilities in libcurl, cURL and Linux Kernel. Vulnerabilities include an attacker could exploit these vulnerabilities to overflow a buffer and execute arbitrary code on the system, to insert cookies at will into a running program, t...
RHEL 8 : Satellite 6.14.2 Async Security Update (Important) (RHSA-2024:0797)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0797 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...
Important: Red Hat Security Advisory: Satellite Client Async Security Update
Updated Satellite Client packages that fixes Important security bugs and regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet acces...
CVE-2023-38545 affecting package tensorflow for versions less than 2.16.1-1
CVE-2023-38545 affecting package tensorflow for versions less than 2.16.1-1. An upgraded version of the package is available that resolves this issue...
EulerOS Virtualization 2.11.1 : curl (EulerOS-SA-2024-1411)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1411)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1439)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-38545 affecting package cmake for versions less than 3.21.4-10
CVE-2023-38545 affecting package cmake for versions less than 3.21.4-10. A patched version of the package is available...
Exploit for Out-of-bounds Write in Haxx Libcurl
CVE-2023-38545: Curl Vulnerability Proof of Concept This repos...
EulerOS Virtualization 2.10.0 : curl (EulerOS-SA-2024-1376)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to...
EulerOS Virtualization 2.10.1 : curl (EulerOS-SA-2024-1355)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1355)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...