
8 matches found

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-2069

Malware in sbrugna...

CVSS 6.1 | AI score 6.2 | EPSS 0.00865
Exploits: 1 | References: 2

Amazon
added 2025/06/23 12:0 a.m. | 4 views

Medium: curl

Issue Overview: When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl-using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform...

CVSS 6.5 | AI score 6.7 | EPSS 0.0197
Exploits: 1

OSV
added 2024/11/15 12:19 p.m. | 1 views

OESA-2024-2388 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later th...

CVSS 6.5 | AI score 7 | EPSS 0.0197
Exploits: 1 | References: 2

OSV
added 2024/11/06 8:15 a.m. | 4 views

AZL-52426 CVE-2024-9681 affecting package mysql for versions less than 8.0.40-3

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl-using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

CVSS 6.5 | AI score 6.7 | EPSS 0.0197
Exploits: 1 | References: 1

OSV
added 2024/11/06 8:15 a.m. | 4 views

AZL-52414 CVE-2024-9681 affecting package mysql for versions less than 8.0.40-5

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl-using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

CVSS 6.5 | AI score 6.7 | EPSS 0.0197
Exploits: 1 | References: 1

OSV
added 2022/06/27 12:0 a.m. | 1 views

UBUNTU-CVE-2022-32205

A malicious server can serve excessive amounts of Set-Cookie: headers in an HTTP response to curl, and curl 7.84.0 stores all of them. A sufficiently large number of big cookies makes subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger th...

CVSS 4.3 | AI score 6.6 | EPSS 0.26915
Exploits: 1 | References: 4

OSV
added 2019/02/04 9:29 p.m. | 5 views

CVE-2018-1000998

FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulnerability in all pages that can result in limited impact: CVSweb is anonymous and read-only. It might impact other sites on the same domain. This attack appears to be exploitable when a victim loads a specially crafted URL. This...

CVSS 6.1 | AI score 5.8
Exploits: 0 | References: 1

FreeBSD
added 2019/01/29 12:0 a.m. | 36 views

buildbot -- CRLF injection in Buildbot login and logout redirect code

A CRLF can be injected in the Location header of /auth/login and /auth/logout. This is due to a lack of input validation in the Buildbot redirection code. No way was found to impact the Buildbot product's own security through this vulnerability, but it could be used to compromise other sites hosted on t...

CVSS 6.1 | AI score 0.4 | EPSS 0.0087
Exploits: 1 | References: 2