Lucene search
+L

18 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Improper Validation of Certificate with Host Mismatch (CVE-2024-2466)

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

6.5CVSS6.7AI score0.01299EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.9 views

Azure Linux 3.0 Security Update: cmake / curl (CVE-2024-2466)

The version of cmake / curl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2466 advisory. - libcurl did not check the server certificate of TLS connections done to a host specified as an IP...

6.5CVSS6.7AI score0.01299EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2024/10/01 6:58 p.m.24 views

CVE-2024-2466 affecting package cmake for versions less than 3.30.3-2

CVE-2024-2466 affecting package cmake for versions less than 3.30.3-2. An upgraded version of the package is available that resolves this issue...

6.5CVSS7.5AI score0.01299EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/09/23 12:0 a.m.28 views

GLSA-202409-20 : curl: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202409-20 curl: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from th...

8.6CVSS6.6AI score0.36081EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.61 views

Tenable Security Center Multiple Vulnerabilities (TNS-2024-13)

According to its self-reported version, the Tenable Security Center running on the remote host is 6.2.1, 6.3.0 or 6.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-13 advisory. - Security Center leverages third-party software to help provide underlying...

9.8CVSS7.5AI score0.99957EPSS
Exploits14References19
CBLMariner
CBLMariner
added 2024/08/05 3:22 a.m.25 views

CVE-2024-2466 affecting package curl for versions less than 8.8.0-1

CVE-2024-2466 affecting package curl for versions less than 8.8.0-1. An upgraded version of the package is available that resolves this issue...

6.5CVSS6.6AI score0.01299EPSS
Exploits1
CBLMariner
CBLMariner
added 2024/07/22 3:42 p.m.20 views

CVE-2024-2466 affecting package curl for versions less than 8.8.0-1

CVE-2024-2466 affecting package curl for versions less than 8.8.0-1. An upgraded version of the package is available that resolves this issue...

6.5CVSS6.9AI score0.01299EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/05/07 3:50 p.m.90 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP4 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.6CVSS6.9AI score0.91327EPSS
Exploits6References8
OpenVAS
OpenVAS
added 2024/04/05 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2024-0099)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS6.6AI score0.36081EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2024/03/28 12:0 a.m.26 views

Slackware: Security Advisory (SSA:2024-087-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.3AI score0.36081EPSS
Exploits4References10
Circl
Circl
added 2024/03/27 12:46 p.m.4 views

CVE-2024-2466

creationtimestamp| type| source ---|---|--- 2024-03-27 12:46:26+00:00| seen| https://t.me/ctinow/213004 2024-03-29 21:46:25+00:00| seen| https://t.me/ctinow/213434 2024-04-09 20:36:22+00:00| seen| https://t.me/arpsyndicate/4417 2024-11-14 12:00:00+00:00| seen|...

6.5CVSS6.6AI score0.01299EPSS
Exploits1References4
Hacker One
Hacker One
added 2024/03/27 9:50 a.m.75 views

Internet Bug Bounty: CVE-2024-2466: TLS certificate check bypass with mbedTLS (reward request)

CVE-2024-2466: TLS certificate check bypass with mbedTLS. The vulnerability was reported in libcurl, where it did not check the server certificate of TLS connections made to a host specified as an IP address when built to use mbedTLS. This caused the certificate check to be completely skipped,...

6.5CVSS6.3AI score0.01299EPSS
Exploits1
OSV
OSV
added 2024/03/27 8:15 a.m.6 views

AZL-37103 CVE-2024-2466 affecting package curl for versions less than 8.8.0-1

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

6.5CVSS6.7AI score0.01299EPSS
Exploits1References1
Wolfi
Wolfi
added 2024/03/27 8:15 a.m.35 views

CVE-2024-2466 vulnerabilities

Vulnerabilities for packages: curl...

6.5CVSS7.2AI score0.01299EPSS
Exploits1
Chainguard
Chainguard
added 2024/03/27 8:15 a.m.34 views

CVE-2024-2466 vulnerabilities

Vulnerabilities for packages: curl...

6.5CVSS6.9AI score0.01299EPSS
Exploits1
Cvelist
Cvelist
added 2024/03/27 7:58 a.m.32 views

CVE-2024-2466 TLS certificate check bypass with mbedTLS

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

5.4AI score0.01299EPSS
Exploits1References11
Vulnrichment
Vulnrichment
added 2024/03/27 7:58 a.m.22 views

CVE-2024-2466 TLS certificate check bypass with mbedTLS

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

6.6AI score0.01299EPSS
Exploits1References11
OSV
OSV
added 2024/03/27 7:58 a.m.32 views

CVE-2024-2466 TLS certificate check bypass with mbedTLS

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

6.5CVSS6.8AI score0.01299EPSS
Exploits1References14
Rows per page
Query Builder