CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

298 matches found

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a slab-out-of-bounds issue in initsmb2rsphdr. When smb1 mounting fails, KASAN detects a slab-out-of-bounds issue in initsmb2rsphdr, as follows. For smb1’s negotiate56 bytes, initsmb2rsphdr is called for smb2. The iss...

5.7AI score0.00168EPSS

Exploits0References1

Tenable Nessus•added 2026/06/12 12:0 a.m.•10 views

EulerOS Virtualization 2.13.1 : curl (EulerOS-SA-2026-2368)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libcurl can in some circumstances reuse the wrong connection when asked to do an Negotiate-authenticated HTTP or HTTPS request. libcu...

6.5CVSS7.8AI score0.00333EPSS

Exploits2References4

Tenable Nessus•added 2026/06/12 12:0 a.m.•8 views

EulerOS Virtualization 2.13.0 : curl (EulerOS-SA-2026-2397)

6.5CVSS7.8AI score0.00333EPSS

Exploits2References4

Tenable Nessus•added 2026/06/10 12:0 a.m.•8 views

EulerOS 2.0 SP13 : curl (EulerOS-SA-2026-2326)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl can in some circumstances reuse the wrong connection when asked to dox000D an Negotiate-authenticated HTTP or HTTPS request.x000D x000D...

6.5CVSS7.4AI score0.00333EPSS

Exploits2References4

Tenable Nessus•added 2026/06/10 12:0 a.m.•6 views

EulerOS 2.0 SP13 : curl (EulerOS-SA-2026-2283)

6.5CVSS7.4AI score0.00333EPSS

Exploits2References4

Tenable Nessus•added 2026/06/09 12:0 a.m.•7 views

EulerOS 2.0 SP11 : curl (EulerOS-SA-2026-2238)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the...

6.5CVSS7.4AI score0.00333EPSS

Exploits2References4

Tenable Nessus•added 2026/06/09 12:0 a.m.•9 views

EulerOS 2.0 SP11 : curl (EulerOS-SA-2026-2200)

6.5CVSS7.4AI score0.00333EPSS

Exploits2References4

Tenable Nessus•added 2026/06/06 12:0 a.m.•10 views

EulerOS Virtualization 2.12.1 : curl (EulerOS-SA-2026-2072)

6.5CVSS5.6AI score0.00333EPSS

Exploits2References4

Tenable Nessus•added 2026/06/06 12:0 a.m.•8 views

EulerOS Virtualization 2.12.0 : curl (EulerOS-SA-2026-2097)

6.5CVSS5.6AI score0.00333EPSS

Exploits2References4

OSV•added 2026/05/29 1:33 p.m.•11 views

OESA-2026-2477 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If...

7.5CVSS5.8AI score0.00639EPSS

Exploits7References8

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ixgbevf: added the missing negotiatefeatures operation to the Hyper-V ops table. The commit a7075f501bd3 “ixgbevf: fixed mailbox API compatibility by negotiating supported features” added the .negotiatefeatures callback to...

5.5CVSS5.7AI score0.00123EPSS

Exploits0References1

Tenable Nessus•added 2026/05/19 12:0 a.m.•9 views

SUSE SLES15 Security Update : curl (SUSE-SU-2026:1940-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1940-1 advisory. Security issues fixed: - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP...

7.5CVSS7.2AI score0.00639EPSS

Exploits5References19

OSV•added 2026/05/18 7:44 a.m.•5 views

SUSE-SU-2026:1940-1 Security update for curl

This update for curl fixes the following issues: Security issues fixed: - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. - CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. -...

7.5CVSS5.8AI score0.00639EPSS

Exploits5References13

OSV•added 2026/05/16 12:16 a.m.•6 views

CLSA-2026-1778890582 curl: Fix of CVE-2026-5545

CVE-2026-5545: wrong reuse of HTTP Negotiate connection; only allow an existing connection to be reused and "upgraded" to NTLM when neither NTLM nor Negotiate authentication is in flight on it...

6.5CVSS5.8AI score0.00414EPSS

Exploits1References1

OSV•added 2026/05/16 12:3 a.m.•9 views

CLSA-2026-1778889816 curl: Fix of CVE-2026-5545

CVE-2026-5545: wrong reuse of HTTP Negotiate connection; only allow an existing connection to be reused and "upgraded" to NTLM when neither NTLM nor Negotiate authentication is in flight on it...

6.5CVSS5.8AI score0.00414EPSS

Exploits1References1

Microsoft CVE•added 2026/05/14 8:2 a.m.•5 views

wrong reuse of HTTP Negotiate connection

...

6.5CVSS5.3AI score0.00414EPSS

Exploits1

EUVD•added 2026/05/13 6:30 p.m.•9 views

EUVD-2026-29923

libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTPS request after a Negotiate-authenticated one, when both use the same host. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid...

6.5CVSS5.8AI score0.00414EPSS

Exploits1References4