
6 matches found

IBM Security Bulletins
added 2024/11/15 9:51 p.m. | 31 views

Security Bulletin: TSSC/IMC is vulnerable to a bypass security restrictions attack on curl

Summary: TSSC/IMC is vulnerable to a bypass security restrictions attack on curl. A patch has been provided that updates the libssh library. CVE-2023-28322, CVE-2023-38546, CVE-2023-46218. Vulnerability Details: CVEID: CVE-2023-28322 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass...

CVSS 6.5 | AI score 7 | EPSS 0.06208
Exploits: 2 | Affected Software: 1
IBM Security Bulletins
added 2024/11/12 10:20 a.m. | 35 views

Security Bulletin: Due to use of cURL libcurl, IBM Event Streams is vulnerable to bypass security restrictions.

Summary: cURL libcurl is used in IBM Event Streams. CVE-2023-28322. Vulnerability Details: CVEID: CVE-2023-28322 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a flaw in the logic for a reused handle when it is expected to be changed from a PUT to a...

CVSS 5.3 | AI score 6.7 | EPSS 0.02211
Exploits: 1 | Affected Software: 1
Hacker One
added 2023/05/18 9:15 a.m. | 64 views

Internet Bug Bounty: CVE-2023-28322: more POST-after-PUT confusion

Libcurl, a popular open-source library for transferring data over HTTPS, had a vulnerability CVE-2023-28322 that could allow an attacker to inject data or cause the application to misbehave. The vulnerability was caused by a logic flaw that could cause libcurl to use the wrong callback function...

CVSS 3.7 | AI score 6.1 | EPSS 0.02211
Exploits: 1
ICS
added 2023/05/09 12:0 a.m. | 44 views

Siemens SINEC NMS Third-Party

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 9.8 | AI score 8.7 | EPSS 0.04325
Exploits: 5 | References: 12
Talos
added 2019/12/11 12:0 a.m. | 54 views

W1.fi hostapd deauthentication denial-of-service vulnerability

Summary: An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in ...

CVSS 7.4 | AI score 6.6 | EPSS 0.00545
Exploits: 0
Talos
added 2019/12/11 12:0 a.m. | 138 views

Linux kernel CAM table denial-of-service vulnerability

Summary: An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different...

CVSS 7.4 | AI score 6.9 | EPSS 0.10114
Exploits: 1