Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Amazon
Amazonadded 2023/06/07 12:0 a.m.35 views

Medium: curl

Issue Overview: The curl advisory describes this issue as follows: curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the...

9.8CVSS6.9AI score0.00179EPSS
Exploits6
Cloud Foundry
Cloud Foundryadded 2023/04/29 12:0 a.m.40 views

USN-5964-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Harry Sintonen discovered that curl incorrectly handled certain TELNET connection options. Due to lack of proper input scrubbing, curl could pass on user name and telnet options to...

9.8CVSS7.7AI score0.00179EPSS
Exploits5Affected Software5
Amazon
Amazonadded 2023/04/20 12:0 a.m.44 views

Medium: curl

Issue Overview: The curl advisory describes this issue as follows: curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the...

9.8CVSS6.8AI score0.00179EPSS
Exploits3
OSV
OSVadded 2023/03/20 8:0 a.m.34 views

CURL-CVE-2023-27533 TELNET option IAC injection

curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on username and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the documented functionality, curl would pass on username and telnet options ...

9.8CVSS6.6AI score0.00179EPSS
Exploits1
Hacker One
Hacker Oneadded 2023/03/20 7:32 a.m.84 views

Internet Bug Bounty: CVE-2023-27533: TELNET option IAC injection

A vulnerability CVE-2023-27533 was found in curl versions 7.7 to 7.88.1 that allowed users to pass on user name and "telnet options" for server negotiation without proper input scrubbing, potentially allowing for the injection of unintended TELNET commands to the telnet connection. The severity o...

8.8CVSS7AI score0.00179EPSS
Exploits1
UbuntuCve
UbuntuCveadded 2023/03/20 12:0 a.m.52 views

CVE-2023-27533

A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...

9.8CVSS7.1AI score0.00179EPSS
Exploits1References4
Cvelist
Cvelistadded 2018/06/04 7:0 p.m.15 views

CVE-2017-16017

sanitize-html is a library for scrubbing html input for malicious values Versions 1.2.2 and below have a cross site scripting vulnerability...

6.1AI score0.00264EPSS
Exploits1References3
Fedora
Fedoraadded 2015/11/30 9:27 p.m.20 views

[SECURITY] Fedora 23 Update: perl-HTML-Scrubber-0.15-1.fc23

If you wanna "scrub" or "sanitize" html input in a reliable an flexible fashion, then this module is for you. I wasn't satisfied with HTML::Sanitizer because it is based on HTML::TreeBuilder, so I thought I'd write something similar that works directly with HTML::Parser...

2.6CVSS0.9AI score0.0041EPSS
Exploits0
Rows per page
Query Builder