CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

312 matches found

CloudLinux•added 2026/03/23 2:53 p.m.•17 views

curl: Fix of CVE-2026-3784

CVE-2026-3784: fix proxy connection reuse with different credentials - update outdated timestamps in test 046...

6.5CVSS5.8AI score0.00302EPSS

Exploits1

OSV•added 2026/03/20 9:37 a.m.•0 views

SUSE-SU-2026:20918-1 Security update for curl

This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. - CVE-2026-3783: token leak with redirect and netrc bsc1259363. - CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. - CVE-2026-3805: use after free in SMB...

7.5CVSS7.2AI score0.00715EPSS

Exploits4References9

Tenable Nessus•added 2026/03/19 12:0 a.m.•3 views

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2026:0911-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0911-1 advisory. - CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. - CVE-2026-3783: token leak with redirect...

7.5CVSS7.2AI score0.00715EPSS

Exploits4References13

OSV•added 2026/03/18 10:1 a.m.•1 views

SUSE-SU-2026:20902-1 Security update for libsoup

This update for libsoup fixes the following issues: Update to libsoup 3.6.6: - CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion bsc1252555. - CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy bsc1254876. - CVE-2025-32049:...

9.1CVSS6AI score0.00728EPSS

Exploits2References19

OSV•added 2026/03/18 10:1 a.m.•1 views

SUSE-SU-2026:20752-1 Security update for libsoup

9.1CVSS6.9AI score0.00728EPSS

Exploits2References19

OSV•added 2026/03/18 8:52 a.m.•3 views

SUSE-SU-2026:0921-1 Security update for curl

6.5CVSS5.8AI score0.00333EPSS

Exploits2References7

OSV•added 2026/03/17 7:56 p.m.•2 views

SUSE-SU-2026:0911-1 Security update for curl

7.5CVSS5.8AI score0.00715EPSS

Exploits4References9

OSV•added 2026/03/16 5:35 p.m.•3 views

USN-8099-1 curl vulnerabilities

Zhicheng Chen discovered that curl could incorrectly reuse the wrong connection for Negotiate-authenticated HTTP or HTTPS requests. This could result in the use of credentials from a different connection, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. CVE-2026-1965 It was...

6.5CVSS5.8AI score0.00333EPSS

Exploits2References4

OSV•added 2026/03/13 8:41 a.m.•3 views

OPENSUSE-SU-2026:20354-1 Security update for libsoup2

This update for libsoup2 fixes the following issues: - CVE-2025-4476: null pointer dereference may lead to denial of service bsc1243422. - CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy bsc1254876. - CVE-2025-32049: Denial of Service attack to websocket server...

9.1CVSS8.1AI score0.00728EPSS

Exploits3References22

Tenable Nessus•added 2026/03/13 12:0 a.m.•6 views

SUSE SLES15 / openSUSE 15 Security Update : curl (SUSE-SU-2026:0885-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0885-1 advisory. - CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. - CVE-2026-3783: token leak with redirect and net...

7.5CVSS7.2AI score0.00715EPSS

Exploits4References13

SUSE Linux•added 2026/03/12 2:50 p.m.•5 views

Security update for curl

This update for curl fixes the following issues: CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. CVE-2026-3783: token leak with redirect and netrc bsc1259363. CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. CVE-2026-3805: use after free in SMB connection...

7.5CVSS5.8AI score0.00715EPSS

Exploits4References16

OSV•added 2026/03/12 2:50 p.m.•1 views

SUSE-SU-2026:0885-1 Security update for curl

7.5CVSS5.8AI score0.00715EPSS

Exploits4References9

SUSE Linux•added 2026/03/12 10:4 a.m.•4 views

Security update for curl

7.5CVSS5.8AI score0.00715EPSS

Exploits4References16

OSV•added 2026/03/12 10:4 a.m.•2 views

SUSE-SU-2026:20668-1 Security update for curl

7.5CVSS5.8AI score0.00715EPSS

Exploits4References9

OSV•added 2026/03/12 9:40 a.m.•2 views

SUSE-SU-2026:20722-1 Security update for curl

7.5CVSS5.8AI score0.00715EPSS

Exploits4References9

SUSE CVE•added 2026/03/11 4:18 p.m.•2 views

SUSE CVE-2026-3784

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...

4.6CVSS5.8AI score0.00302EPSS

Exploits1References12

Ubuntu•added 2026/03/11 12:11 p.m.•7 views

USN-8084-1: curl vulnerabilities

Zhicheng Chen discovered that curl could incorrectly reuse the wrong connection for Negotiate-authenticated HTTP or HTTPS requests. This could result in the use of credentials from a different connection, contrary to expectations. CVE-2026-1965 It was discovered that curl incorrectly leaked OAuth...

7.5CVSS7.3AI score0.00715EPSS

Exploits5