CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Summary libcURL vulnerabilities were disclosed by the libcURL Project. libcURL is used by IBM DevOps Code ClearCase. CVE-2024-7264, CVE-2024-9681 Vulnerability Details CVEID:CVE-2024-7264 DESCRIPTION: cURL libcurl could allow a local attacker to obtain sensitive information, caused by an...

6.5CVSS6.8AI score0.00796EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2024/06/14 4:27 p.m.•37 views

Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management

Summary IBM Storage Copy Data Management can be affected by vulnerabilities in libcurl, cURL and Linux Kernel. Vulnerabilities include an attacker could exploit these vulnerabilities to overflow a buffer and execute arbitrary code on the system, to insert cookies at will into a running program, t...

9.8CVSS9.7AI score0.85264EPSS

Exploits28Affected Software1

IBM Security Bulletins•added 2023/11/17 12:13 p.m.•75 views

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to libcurl vulnerabilities (CVE-2023-38546, CVE-2023-38545)

Summary Issues were identified in libcurl, which is packaged with the IBM MQ Queue Manager Container image. These issues are now fixed, and the fixes are shipped with the latest IBM MQ Operator and IBM-supplied MQ Advanced container images. Vulnerability Details CVEID: CVE-2023-38546 DESCRIPTION:...

9.8CVSS8.7AI score0.26747EPSS

Exploits6Affected Software1

Positive Technologies•added 2023/08/15 12:0 a.m.•1 views

PT-2023-28742 · Broadcom · Broadcom Raid Controller

Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller affected versions not specified Description: The Broadcom RAID Controller web interface is vulnerable due to its usage of Libcurl with known vulnerabilities in LSA. Recommendations: At the moment, there is no...

9.8CVSS9.4AI score0.00106EPSS

Exploits0References7

Amazon•added 2023/07/26 12:0 a.m.•2 views

Medium: curl

Issue Overview: libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw risks inserting sensitive heap-based data into t...

7.5CVSS6.9AI score0.00631EPSS

Exploits3

IBM Security Bulletins•added 2022/10/06 4:10 a.m.•57 views

Security Bulletin: IBM MaaS360 Cloud Extender Agent and Base Module uses libcurl with multiple known vulnerabilities (CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208)

Summary Vulnerabilities contained within libcurl a 3rd party component were identified and remediated in the IBM MaaS360 Cloud Extender Agent and Base Module. Vulnerability Details CVEID:CVE-2022-32205 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by an issue with the...

9.8CVSS7.6AI score0.03367EPSS

Exploits4Affected Software1

F5 Networks•added 2014/11/25 12:0 a.m.•43 views

SOL15862 - Multiple cURL and libcurl vulnerabilities CVE-2014-0015, CVE-2014-0138, and CVE-2014-0139

Recommended Action BIG-IP, BIG-IQ, and Enterprise Manager If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candida...

6.4CVSS1.3AI score0.01626EPSS

Exploits1References4

OSV•added 2005/05/02 4:0 a.m.•3 views

CVE-2005-0490

Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by 1 the Curlinputntlm functio...

8.8CVSS9.2AI score0.02576EPSS

Exploits0References19

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by