Lucene search
K

281 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.8 views

TencentOS Server 4: wget (TSSA-2024:1004)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1004 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

9.1CVSS7AI score0.00672EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.8 views

TencentOS Server 3: wget (TSSA-2023:0139)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0139 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.8CVSS6.6AI score0.00659EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.14 views

Alibaba Cloud Linux 3 : 0063: wget (ALINUX3-SA-2022:0063)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0063 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-5953: Buffer overflow in GNU Wget 1.20.1 a...

9.8CVSS8.6AI score0.05751EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.13 views

Alibaba Cloud Linux 3 : 0194: wget (ALINUX3-SA-2024:0194)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0194 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-38428: url.c in GNU Wget through 1.24.5...

9.1CVSS7AI score0.00672EPSS
Exploits0References2
OSV
OSV
added 2025/05/07 7:11 p.m.6 views

RLSA-2024:5299 Moderate: wget security update

The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fixes: wget: Misinterpretation of input may lead to improper behavior CVE-2024-38428 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...

5.5CVSS9.4AI score0.00672EPSS
Exploits0References2
Debian
Debian
added 2025/04/21 8:33 a.m.20 views

[SECURITY] [DLA 4133-1] wget security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4133-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 21, 2025 https://wiki.debian.org/LTS -...

9.1CVSS9.2AI score0.00672EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/17 2:53 p.m.11 views

Security Bulletin: Vulnerability in GNU Wget affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.

Summary Potential vulnerability in GNU Wget has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...

9.1CVSS6.4AI score0.00672EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/11 4:13 p.m.14 views

Security Bulletin: Vulnerability in GNU Wget affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.

Summary Potential vulnerability in GNU Wget has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...

9.1CVSS6.4AI score0.00672EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.21 views

Linux Distros Unpatched Vulnerability : CVE-2021-31879

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. CVE-2021-31879 Note...

9.8CVSS6.8AI score0.08031EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2024-38428

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was...

9.1CVSS6.8AI score0.00672EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2018-20483

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - setfilemetadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the...

7.8CVSS6.5AI score0.00659EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2016-4971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. CVE-2016-4971 Note that...

8.8CVSS7AI score0.45935EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2018-0494

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the respnew function in http.c via a \r\n sequence in a continuation line. CVE-2018-0494...

6.5CVSS6.4AI score0.17249EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2014-4877

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequentl...

9.3CVSS7.3AI score0.39883EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2010-2252

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote...

6.8CVSS7.1AI score0.04214EPSS
Exploits0References2
Broadcom
Broadcom
added 2025/02/27 12:0 a.m.10 views

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent

Brocade Wget contains an improper input validation vulnerability. An attacker could exploit this via theuserinfosubcomponent of a URI to cause insecure behavior which could potentially cause improper authentication, exposure of sensitive information, or other serious data integrity issues...

9.1CVSS6.8AI score0.00672EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 2:59 p.m.10 views

Security Bulletin: Vulnerability in GNU Wget affects watsonx.data

Summary GNU Wget could allow a remote authenticated attacker to bypass security restrictions, and this could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-38428 DESCRIPTION: GNU Wget could allow a remote authenticated attacker to bypass security restrictions, caused by the mishandling...

9.1CVSS6.2AI score0.00672EPSS
Exploits0Affected Software1
Microsoft CVE
Microsoft CVE
added 2024/11/27 8:0 a.m.3 views

GNU Wget is vulnerable to an SSRF attack when accessing partially-user-controlled shorthand URLs

...

6.5CVSS7.3AI score0.0111EPSS
Exploits0
CNVD
CNVD
added 2024/11/21 12:0 a.m.6 views

GNU Wget Code Problem Vulnerability

GNU Wget is a set of free software from the American GNU community for downloading over the Internet, which supports downloading over the three most common TCP/IP protocols: HTTP, HTTPS, and FTP. A code issue vulnerability exists in GNU Wget that stems from an application using Wget to access...

6.5CVSS7AI score0.0111EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/19 2:23 p.m.20 views

CVE-2024-10524 GNU Wget is vulnerable to an SSRF attack when accessing partially-user-controlled shorthand URLs

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host...

6.5CVSS7AI score0.0111EPSS
Exploits0References3
Rows per page
Query Builder