16 matches found

Hacker One
added 2025/12/09 6:1 p.m. | 7 views

curl: CVE-2025-14524: bearer token leak on cross-protocol redirect

Summary: A vulnerability exists in libcurl regarding the handling of OAuth2 Bearer tokens (CURLOPT_XOAUTH2_BEARER) during HTTP redirects. While libcurl correctly clears standard authentication credentials (CURLOPT_USERPWD) when following a redirect to a different host, port, or protocol, a security...

CVSS 5.7 | AI score 7.6 | EPSS 0.00314
Exploits: 2

Veracode
added 2024/04/05 2:9 a.m. | 24 views

TLS Certificate Check Bypass

libcurl is vulnerable to TLS Certificate Check Bypass. The vulnerability is caused due to libcurl not checking the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the...

CVSS 6.5 | AI score 6.5 | EPSS 0.00149
Exploits: 1 | References: 13 | Affected Software: 1

NVD
added 2024/03/27 8:15 a.m. | 15 views

CVE-2024-2466

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

CVSS 6.5 | AI score 7.3 | EPSS 0.00149
Exploits: 1 | References: 12

OSV
added 2024/03/27 8:0 a.m. | 22 views

CURL-CVE-2024-2466 TLS certificate check bypass with mbedTLS

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

CVSS 6.5 | AI score 6.3 | EPSS 0.00149
Exploits: 1

Cvelist
added 2024/03/27 7:58 a.m. | 26 views

CVE-2024-2466 TLS certificate check bypass with mbedTLS

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

AI score 5.4 | EPSS 0.00149
Exploits: 1 | References: 11

Vulnrichment
added 2024/03/27 7:58 a.m. | 19 views

CVE-2024-2466 TLS certificate check bypass with mbedTLS

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

AI score 6.6 | EPSS 0.00149
Exploits: 1 | References: 11

UbuntuCve
added 2024/03/27 7:0 a.m. | 34 views

CVE-2024-2466

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

CVSS 6.5 | AI score 6.8 | EPSS 0.00149
Exploits: 1 | References: 2

Fedora
added 2021/09/24 8:33 p.m. | 29 views

[SECURITY] Fedora 34 Update: fetchmail-6.4.22-1.fc34

Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6, and IPSEC) for retrieval...

CVSS 5.9 | AI score 0.8 | EPSS 0.00182
Exploits: 0

Wallarm Lab
added 2018/12/06 5:32 p.m. | 2534 views

RCE in PHP or how to bypass disable_functions in PHP installations

Today we will explore an exciting method to remotely execute code even if an administrator set disable_functions in the PHP configuration file. It works on most popular UNIX-like systems. CVE-2018-19518 was assigned to the vulnerability, which was found by a man with the @crlf nickname. Let’s see details...

CVSS 8.5 | AI score 8.2 | EPSS 0.93869
Exploits: 6

Kitploit
added 2015/10/01 9:47 a.m. | 283 views

Heartbleed Vulnerability Scanner - Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)

Heartbleed Vulnerability Scanner is a multiprotocol (HTTP, IMAP, SMTP, POP) CVE-2014-0160 scanning and automatic exploitation tool written in Python. For scanning wide ranges automatically, you can provide a network range in CIDR notation and an output file to dump the memory of vulnerable system...

CVSS 7.5 | AI score 7.8 | EPSS 0.94464
Exploits: 86 | References: 1

Tenable Nessus
added 2015/04/24 12:0 a.m. | 11 views

Fortinet FortiMail Server Detection via IMAPS


AI score 7.3
Exploits: 0 | References: 1

Tenable Nessus
added 2015/03/26 12:0 a.m. | 21 views

Debian DLA-21-1 : fail2ban security update

Use anchored failregex for filters to avoid possible DoS. Manually picked up from the current status of 0.8 branch as of 0.8.13-29-g09b2016:
- CVE-2013-7176: postfix.conf - anchored on the front, expects 'postfix/smtpd' prefix in the log line
- CVE-2013-7177: cyrus-imap.conf - anchored on the...

CVSS 5 | AI score 5.4 | EPSS 0.00843
Exploits: 2 | References: 4

Kitploit
added 2013/03/08 12:3 a.m. | 12 views

[SSL Certificate Downloader] Command-line Tool to grab SSL Certificate from Server Remotely

SSL Cert Downloader is a free command-line tool to grab SSL certificate from server remotely. It can be used to download certificate from any of the SSL enabled services including HTTPS (443), LDAPS (636), SMTPS (465), POPS (995), IMAPS (993). You can either specify IP address or host name of the server. Also y...

AI score 7
Exploits: 0

securityvulns
added 2011/06/03 12:0 a.m. | 21 views

Sybase OneBridge Mobile Data Suite format string vulnerability

Format string vulnerability during IMAPs/SMTPs requests parsing...

AI score 3.4
Exploits: 0 | References: 1 | Affected Software: 1

OpenVAS
added 2009/02/27 12:0 a.m. | 24 views

Fedora Update for fetchmail FEDORA-2007-041

Check for the Version of fetchmail

CVSS 7.8 | AI score 7.5 | EPSS 0.13761
Exploits: 0 | References: 2

Tenable Nessus
added 2008/03/28 12:0 a.m. | 21 views

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : ruby1.8 vulnerabilities (USN-596-1)

Chris Clark discovered that Ruby's HTTPS module did not check for commonName mismatches early enough during SSL negotiation. If a remote attacker were able to perform man-in-the-middle attacks, this flaw could be exploited to view sensitive information in HTTPS requests coming from Ruby...

CVSS 5 | AI score 7.2 | EPSS 0.07714
Exploits: 1 | References: 3