Lucene search
+L

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.5 views

Siemens SCALANCE and RUGGEDCOM Free of Memory not on the Heap (CVE-2024-6197)

libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes free on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort...

7.5CVSS6.8AI score0.04296EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/02 2:32 p.m.4 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to stack overwrite due to the libcurl package (CVE-2024-6197)

Summary libcurl is used by DataStage on Cloud Pak for Data as part of API communication. Vulnerability Details CVEID:CVE-2024-6197 DESCRIPTION: libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately...

7.5CVSS6.7AI score0.04296EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.7 views

openSUSE Security Advisory (SUSE-SU-2024:2784-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.17301EPSS
Exploits2References5
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/04 10:17 p.m.22 views

Security Bulletin: PowerSC is vulnerable to information disclosure, denial of service, and security restrictions bypass due to Curl

Summary Vulnerabilities in Curl could allow a local attacker to obtain sensitive information CVE-2024-7264 or a remote attacker to cause a denial of service CVE-2024-6197, CVE-2024-37371 or bypass security restrictions CVE-2024-37370. PowerSC uses Curl as part of PowerSC Trusted Network Connect...

9.1CVSS7.5AI score0.17301EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
added 2024/10/22 7:35 p.m.24 views

K000145125: Curl vulnerability CVE-2024-6197

Security Advisory Description libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes free on a 4 byte localstack buffer. Most modern malloc implementations detect this...

7.5CVSS7.1AI score0.04296EPSS
Exploits1
CBLMariner
CBLMariner
added 2024/10/15 6:24 p.m.20 views

CVE-2024-6197 affecting package curl for versions less than 8.8.0-2

CVE-2024-6197 affecting package curl for versions less than 8.8.0-2. A patched version of the package is available...

7.5CVSS7AI score0.04296EPSS
Exploits1
Kaspersky
Kaspersky
added 2024/10/08 12:0 a.m.19 views

KLA73903 DoS vulnerability in Microsoft Mariner

A remote code execution vulnerability was found in Microsoft Mariner. Malicious users can exploit this vulnerability to execute arbitrary code, cause denial of service. Original advisories CVE-2024-6197 Related products CBL-Mariner-2.0 CVE list CVE-2024-6197 critical Solution Install necessary...

7.5CVSS8.1AI score0.04296EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.96 views

KB5044284: Windows 11 Version 24H2 / Windows Server 2025 Security Update (October 2024)

The remote Windows host is missing security update 5044284. It is, therefore, affected by multiple vulnerabilities - libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also...

8.8CVSS7.9AI score0.66571EPSS
Exploits3References68
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.71 views

KB5044280: Windows 11 version 21H2 Security Update (October 2024)

The remote Windows host is missing security update 5044280. It is, therefore, affected by multiple vulnerabilities - libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also...

8.8CVSS7.9AI score0.66571EPSS
Exploits3References64
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.84 views

KB5044273: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (October 2024)

The remote Windows host is missing security update 5044273. It is, therefore, affected by multiple vulnerabilities - libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also...

8.8CVSS7.9AI score0.66571EPSS
Exploits3References63
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.60 views

KB5044277: Windows 10 version 1809 / Windows Server 2019 Security Update (October 2024)

The remote Windows host is missing security update 5044277. It is, therefore, affected by multiple vulnerabilities - libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also...

9CVSS8.4AI score0.66571EPSS
Exploits4References83
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.48 views

KB5044288: Windows 11 version 22H2 / Windows Server version 23H2 Security Update (October 2024)

The remote Windows host is missing security update 5044288. It is, therefore, affected by multiple vulnerabilities - libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also...

9CVSS7.9AI score0.66571EPSS
Exploits4References90
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.120 views

KB5044281: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (October 2024)

The remote Windows host is missing security update 5044281. It is, therefore, affected by multiple vulnerabilities - libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also...

9CVSS7.9AI score0.66571EPSS
Exploits4References72
CBLMariner
CBLMariner
added 2024/10/01 6:58 p.m.19 views

CVE-2024-6197 affecting package cmake for versions less than 3.30.3-2

CVE-2024-6197 affecting package cmake for versions less than 3.30.3-2. A patched version of the package is available...

7.5CVSS7AI score0.04296EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/09/25 12:0 a.m.55 views

Tenable Nessus Network Monitor < 6.5.0 Multiple Vulnerabilities (TNS-2024-17)

Tenable Nessus Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS7.3AI score0.66594EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2024/09/19 12:0 a.m.18 views

CBL Mariner 2.0 Security Update: curl (CVE-2024-6197_-_A)

The version of curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6197-A advisory. - NIST NVD Details CVE-2024-6197 Note that Nessus has not tested for this issue but has instead relied only on...

7.5CVSS8AI score0.04296EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/09/14 12:0 a.m.35 views

CBL Mariner 2.0 Security Update: curl (CVE-2024-6197)

The version of curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6197 advisory. - libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an...

7.5CVSS7.4AI score0.04296EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.60 views

Tenable Security Center Multiple Vulnerabilities (TNS-2024-13)

According to its self-reported version, the Tenable Security Center running on the remote host is 6.2.1, 6.3.0 or 6.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-13 advisory. - Security Center leverages third-party software to help provide underlying...

9.8CVSS7.5AI score0.99957EPSS
Exploits14References19
Tenable Nessus
Tenable Nessus
added 2024/08/07 12:0 a.m.17 views

SUSE SLED15: curl / libcurl-devel / libcurl-devel-32bit / libcurl4 / etc (SUSE-SU-2024:2784-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2784-1 advisory. - CVE-2024-7264: Fixed ASN.1 date parser overread bsc1228535 - CVE-2024-6197: Fixed freeing stac...

7.5CVSS7.2AI score0.17301EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2024/08/06 12:0 a.m.14 views

Fedora: Security Advisory (FEDORA-2024-a7976ba89f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.04296EPSS
Exploits1References3
Rows per page
Query Builder