curl: Title: Remote Code Execution (RCE) via Arbitrary Library Loading in `--engine` option

Summary: The curl command-line tool is vulnerable to Arbitrary Code Execution on POSIX-like systems Linux, macOS, etc.. The --engine option allows loading an OpenSSL crypto engine from a shared library .so file. Crucially, this option accepts an absolute or relative path to the library file,...

USN-7639-1 apache2 vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled certain Content-Type response headers. A remote attacker could possibly use this issue to perform HTTP response splitting attacks. CVE-2024-42516 xiaojunjie discovered that the Apache HTTP Server modproxy module incorrectly handled...