Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.20 views

TencentOS Server 3: git-lfs (TSSA-2026:0380)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0380 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7.4AI score0.00621EPSS
Exploits0References5
OSV
OSV
added 2026/05/07 5:37 p.m.10 views

CLSA-2026-1778175425 curl: Fix of 2 CVEs

CVE-2016-8624: invalid URL parsing with '' - CVE-2016-8623: use-after-free via shared cookies...

7.5CVSS6.8AI score0.05915EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/23 11:53 p.m.5 views

CVE-2025-69251 free5GC has Improper Input Validation in UDM, Leading to Information Exposure

free5gc UDM provides Unified Data Management UDM for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters e.g., %00 into the ueId parameter, triggering internal URL parsing errors net/url:...

8.7CVSS5.4AI score0.00462EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.17 views

RHEL 5 : lynx (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - lynx: Invalid URL parsing of pages containing '?' CVE-2016-9179 Note that Nessus has not tested for this issue but...

7.5CVSS7.3AI score0.01987EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2020/04/06 12:0 a.m.43 views

curl security and bug fix update

7.29.0-57.0.1 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitiv...

9.8CVSS2.3AI score0.49739EPSS
Exploits1
Hacker One
Hacker One
added 2016/11/24 3:19 p.m.17 views

OWOX, Inc.: invalid URL parsing with and '@'

Description : invalid URL parsing with and '@' this can harm full for user Live POC : https://[email protected]...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/11/11 12:0 a.m.63 views

Amazon Linux AMI : curl (ALAS-2016-766)

This build resolves the following issues : CVE-2016-8615 : Cookie injection for other servers CVE-2016-8616 : Case insensitive password comparison CVE-2016-8617 : Out-of-bounds write via unchecked multiplication CVE-2016-8618 : Double-free in curlmaprintf CVE-2016-8619 : Double-free in krb5 code...

9.8CVSS7AI score0.05915EPSS
Exploits0References11
OSV
OSV
added 2016/11/02 8:0 a.m.13 views

CURL-CVE-2016-8624 invalid URL parsing with '#'

curl does not parse the authority component of the URL correctly when the host name part ends with a hash character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use a URL parser that follows the RFC to check for allowed...

7.5CVSS8.4AI score0.05915EPSS
Exploits0
FreeBSD
FreeBSD
added 2016/11/02 12:0 a.m.48 views

cURL -- multiple vulnerabilities

The cURL project reports cookie injection for other servers case insensitive password comparison OOB write via unchecked multiplication double-free in curlmaprintf double-free in krb5 code glob parser write/read out of bounds curlgetdate read out of bounds URL unescape heap overflow via integer...

9.8CVSS3.4AI score0.05915EPSS
Exploits0References1
Rows per page
Query Builder