556 matches found

Oracle linux
added 2019/08/13 12:0 a.m., 152 views

curl security and bug fix update

7.29.0-54.0.1 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitive password comparison https://curl.haxx.se/docs/CVE-2016-8616.html - CVE-2016-8617 OOB write via unchecked multiplication...

10 CVSS, 2.4 AI score, 0.10823 EPSS
Exploits 0

OSV
added 2019/07/23 11:18 a.m., 7 views

SUSE-SU-2019:1958-1 Security update for glibc

This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match (bsc#1127308). - CVE-2009-5155: Fixed a denial of service in parse_reg_exp (bsc#1127223). Non-security issues fixed: -...

9.8 CVSS, 8.5 AI score, 0.04731 EPSS
Exploits 2, References 6

Microsoft KB
added 2019/06/20 12:0 a.m., 5 views

May 23, 2019—KB4499184 (Preview of Monthly Rollup)

May 23, 2019—KB4499184 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4499149 released May 14, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an issue t...

7 AI score
Exploits 0

Tenable Nessus
added 2019/05/24 12:0 a.m., 49 views

Oracle Linux 6 / 7 : curl (ELSA-2019-4652)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4652 advisory. - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitive password compariso...

9.8 CVSS, 7.3 AI score, 0.05915 EPSS
Exploits 0, References 12

Oracle linux
added 2019/05/21 12:0 a.m., 186 views

curl security update

7.29.0-51.0.1 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitive password comparison https://curl.haxx.se/docs/CVE-2016-8616.html - CVE-2016-8617 OOB write via unchecked multiplication...

9.8 CVSS, 3.2 AI score, 0.05915 EPSS
Exploits 0

NVD
added 2019/02/26 2:29 a.m., 31 views

CVE-2019-9169

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...

9.8 CVSS, 9.4 AI score, 0.04731 EPSS
Exploits 1, References 11

UbuntuCve
added 2019/02/26 2:29 a.m., 45 views

CVE-2019-9169

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...

9.8 CVSS, 6.9 AI score, 0.04731 EPSS
Exploits 1, References 2

OSV
added 2019/02/26 2:29 a.m., 2 views

DEBIAN-CVE-2019-9169

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...

9.8 CVSS, 6.5 AI score, 0.04731 EPSS
Exploits 1, References 1

OSV
added 2019/02/26 2:29 a.m., 4 views

UBUNTU-CVE-2019-9169

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...

9.8 CVSS, 7 AI score, 0.04731 EPSS
Exploits 1, References 3

Cvelist
added 2019/02/26 2:0 a.m., 29 views

CVE-2019-9169

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...

9.5 AI score, 0.04731 EPSS
Exploits 1, References 11

ATTACKERKB
added 2019/02/26 12:0 a.m., 67 views

CVE-2019-9169

In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. Recent assessments: busterb at June 15, 2020 6:59pm UTC reported: A buffer overread in a very specific part of the...

9.8 CVSS, 0.9 AI score, 0.04731 EPSS
Exploits 1, References 11

RedHat Linux
added 2018/11/13 8:36 a.m., 3 views

curl: Case insensitive password comparison

A flaw was found in curl before version 7.51.0. When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped...

5.9 CVSS, 7.2 AI score, 0.03472 EPSS
Exploits 0, References 5

RedHat Linux
added 2018/08/16 4:6 p.m., 5 views

curl: Case insensitive password comparison

A flaw was found in curl before version 7.51.0. When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped...

5.9 CVSS, 7.2 AI score, 0.03472 EPSS
Exploits 0, References 5

Veracode
added 2018/08/02 6:56 a.m., 28 views

Remote Security Bypass

libcurl.so is vulnerable to remote security bypass attacks. The vulnerability exists due to a flaw of case insensitive password comparisons such that an attacker with the correct case insensitive password would be authorized...

5.9 CVSS, 7.5 AI score, 0.03472 EPSS
Exploits 0, References 10, Affected Software 5

Prion
added 2018/08/01 6:29 a.m., 23 views

Default credentials

A flaw was found in curl before version 7.51.0. When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped...

4.3 CVSS, 6.8 AI score, 0.03472 EPSS
Exploits 0, References 10, Affected Software 1

NVD
added 2018/08/01 6:29 a.m., 23 views

CVE-2016-8616

A flaw was found in curl before version 7.51.0. When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped...

5.9 CVSS, 6.5 AI score, 0.03472 EPSS
Exploits 0, References 10

OSV
added 2018/08/01 6:29 a.m., 3 views

DEBIAN-CVE-2016-8616

A flaw was found in curl before version 7.51.0. When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped...

5.9 CVSS, 8.8 AI score, 0.03472 EPSS
Exploits 0, References 1

OSV
added 2018/08/01 6:29 a.m., 29 views

CVE-2016-8616

A flaw was found in curl before version 7.51.0. When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped...

5.9 CVSS, 6.8 AI score, 0.03472 EPSS
Exploits 0, References 10

OSV
added 2018/08/01 6:29 a.m., 3 views

ALPINE-CVE-2016-8616

A flaw was found in curl before version 7.51.0. When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped...

5.9 CVSS, 6.6 AI score, 0.03472 EPSS
Exploits 0, References 1

CVE
added 2018/08/01 6:0 a.m., 196 views

CVE-2016-8616

CVE-2016-8616 affects curl prior to 7.51.0. When re-using a connection, curl performed case-insensitive comparisons of the username and password against existing connections, enabling an attacker who knows the case-insensitive form of the correct password to cause reuse of an unused connection wi...

5.9 CVSS, 7.3 AI score, 0.03472 EPSS
Exploits 0, References 10, Affected Software 1