Lucene search
K

19 matches found

OSV
OSV
added 2026/01/14 1:23 p.m.3 views

OPENSUSE-SU-2026:20038-1 Security update for wget2

This update for wget2 fixes the following issues: Changes in wget2: - Update to release 2.2.1 Fix file overwrite issue with metalink CVE-2025-69194 bsc1255728 Fix remote buffer overflow in getlocalfilenamereal CVE-2025-69195 bsc1255729 Fix a redirect/mirror regression from 400713ca Use the local...

9.8CVSS6.1AI score0.00707EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/01/12 12:0 a.m.2 views

Security update for wget2 (important)

openSUSE Security Update: Security update for wget2 Announcement ID: openSUSE-SU-2026:0010-1 Rating: important References: 1255728 1255729 Cross-References: CVE-2025-69194 CVE-2025-69195 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes two vulnerabilities is now available...

9.8CVSS7.4AI score0.00707EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Use of Incorrectly-Resolved Name or Reference (CVE-2022-27778)

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

8.1CVSS6.6AI score0.03453EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.4 views

SUSE CVE-2022-27778

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...

5.5CVSS7AI score0.03453EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2022/06/11 7:0 a.m.5 views

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.

...

8.1CVSS6.6AI score0.03453EPSS
Exploits1
OSV
OSV
added 2022/06/02 2:15 p.m.10 views

AZL-9876 CVE-2022-27778 affecting package curl for versions less than 7.83.1-1

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...

8.1CVSS6.5AI score0.03453EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/06/02 2:15 p.m.4 views

CVE-2022-27778

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...

8.1CVSS5.8AI score0.03453EPSS
Exploits1References5
OSV
OSV
added 2022/06/02 2:15 p.m.3 views

ALPINE-CVE-2022-27778

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...

8.1CVSS7AI score0.03453EPSS
Exploits1References1
OSV
OSV
added 2022/06/02 2:15 p.m.1 views

DEBIAN-CVE-2022-27778

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...

8.1CVSS6.4AI score0.03453EPSS
Exploits1References1
Prion
Prion
added 2022/06/02 2:15 p.m.35 views

Code injection

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...

5.8CVSS7.7AI score0.03453EPSS
Exploits1References4Affected Software2
Debian CVE
Debian CVE
added 2022/06/01 7:3 p.m.73 views

CVE-2022-27778

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...

8.1CVSS7.1AI score0.03453EPSS
Exploits1
Cvelist
Cvelist
added 2022/06/01 7:3 p.m.31 views

CVE-2022-27778

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when --no-clobber is used together with --remove-on-error...

9AI score0.03453EPSS
Exploits1References4
CVE
CVE
added 2022/06/01 7:3 p.m.227 views

CVE-2022-27778

CVE-2022-27778 is a vulnerability in curl/libcurl described as an “use of incorrectly resolved name” that may cause removal of the wrong file when using --no-clobber with --remove-on-error. Connected advisories confirm the issue exists in curl up to version 7.83.0 and is fixed in 7.83.1. Articles...

8.1CVSS7.8AI score0.03453EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/05/30 12:0 a.m.6 views

The vulnerability lies in the implementation of the --no-clobber and --remove-on-error options in the cURL command-line utility, which allow a malicious user to delete any files they desire.

The vulnerability of the --no-clobber and --remove-on-error command-line utilities of cURL is related to the use of incorrect path names. Exploiting this vulnerability could allow a remote attacker to delete any files they desire...

3.1CVSS6.5AI score0.03453EPSS
Exploits1References11Affected Software3
Redos
Redos
added 2022/05/24 12:0 a.m.4 views

ROS-20220524-21

The cURL command-line utility vulnerability is related to a bug in the HSTS implementation that could allow curl to continue using the HTTP protocol instead of HTTPS if the hostname in the specified URL used an endpoint but did not use it when building the HSTS cache. Exploitation of the...

7.5CVSS7.1AI score0.02596EPSS
Exploits5
OSV
OSV
added 2022/05/11 8:0 a.m.6 views

CURL-CVE-2022-27778 curl removes wrong file on error

curl might remove the wrong file when --no-clobber is used together with --remove-on-error. The --remove-on-error option tells curl to remove the output file when it returns an error, and not leave a partial file behind. The --no-clobber option prevents curl from overwriting a file if it already...

8.1CVSS7.8AI score0.03453EPSS
Exploits1
curl security advisories
curl security advisories
added 2022/05/11 8:0 a.m.6 views

curl removes wrong file on error

curl might remove the wrong file when --no-clobber is used together with --remove-on-error. The --remove-on-error option tells curl to remove the output file when it returns an error, and not leave a partial file behind. The --no-clobber option prevents curl from overwriting a file if it already...

8.1CVSS6.2AI score0.03453EPSS
Exploits1References1Affected Software2
Hacker One
Hacker One
added 2022/05/11 7:11 a.m.72 views

Internet Bug Bounty: CVE-2022-27778: curl removes wrong file on error

Summary: Curl command has a logic flaw that results in removal of a wrong file when combining --no-clobber and --remove-on-error if the target file name exists and an error occurs. Steps To Reproduce: 1. echo "important file" foo 2. echo -ne "HTTP/1.1 200 OK\r\nContent-Length: 666\r\n\r\nHello\n"...

5.8CVSS7.8AI score0.03453EPSS
Exploits1
CNNVD
CNNVD
added 2022/05/11 12:0 a.m.4 views

curl 安全漏洞

curl is a tool for transferring data from or to a server. A security vulnerability exists in curl version 7.83.0, which stems from the possibility that the curl command-line tool may mistakenly delete files when --no-clobber is used in conjunction with --remove-on-error. A remote attacker can use...

8.1CVSS6.4AI score0.03453EPSS
Exploits1References12
Rows per page
Query Builder