Lucene search
K

61 matches found

Hacker One
Hacker One
added 2026/03/11 4:6 p.m.13 views

curl: Curl_compareheader() fails to match multi-value HTTP headers

Summary Curlcompareheader in lib/http.c fails to scan the full value of HTTP headers for substring matches. Due to an incorrect loop condition, only the first byte position of the header value is checked. This causes curl to miss connection options like close when they appear as non-first tokens ...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/03/11 12:31 p.m.4 views

EUVD-2026-11139

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...

6.5CVSS5.8AI score0.00302EPSS
Exploits1References5
OSV
OSV
added 2026/03/11 11:16 a.m.9 views

ALPINE-CVE-2026-3784

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...

6.5CVSS7.1AI score0.00302EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/11 10:9 a.m.28 views

CVE-2026-3784 wrong proxy connection reuse with credentials

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...

0.00302EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/11 10:9 a.m.7 views

CVE-2026-3784

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...

5.8AI score0.00302EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/11 10:9 a.m.3 views

CVE-2026-3784 wrong proxy connection reuse with credentials

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...

5.8AI score0.00302EPSS
Exploits1References3
CVE
CVE
added 2026/03/11 10:9 a.m.20 views

CVE-2026-3784

CVE-2026-3784 affects curl where an HTTP proxy connection reused during a CONNECT request with different proxy credentials. This is the underlying issue described in the initial CVE entry: a separate connection should be used when credentials differ. Connected feeds indicate a patch is available ...

6.5CVSS5.8AI score0.00302EPSS
Exploits1References5Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/11 10:9 a.m.6 views

CVE-2026-3784

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...

6.5CVSS5.8AI score0.00302EPSS
Exploits1References5
OSV
OSV
added 2026/03/11 8:0 a.m.4 views

CURL-CVE-2026-3784 wrong proxy connection reuse with credentials

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...

6.5CVSS5.8AI score0.00302EPSS
Exploits1
curl security advisories
curl security advisories
added 2026/03/11 8:0 a.m.20 views

wrong proxy connection reuse with credentials

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection...

6.5CVSS7.2AI score0.00302EPSS
Exploits1References1Affected Software2
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.2 views

PT-2026-24664

Name of the Vulnerable Software and Affected Versions curl affected versions not specified Description curl improperly reuses an existing HTTP proxy connection when performing a CONNECT request to a server, even if the new request uses different credentials for the HTTP proxy. The expected behavi...

6.5CVSS6.8AI score0.00333EPSS
Exploits2References80
CNVD
CNVD
added 2025/10/17 12:0 a.m.3 views

F5 BIG-IP SSL Orchestrator Memory Corruption Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A memory corruption vulnerability exists in the Explicit Forward Proxy module of the BIG-IP SSL Orchestrator. The vulnerabilit...

8.7CVSS6.9AI score0.00317EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.5 views

F5 BIG-IP和F5 SSL Orchestrator 缓冲区错误漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A memory corruption vulnerability exists in the Explicit Forward Proxy module of the BIG-IP SSL Orchestrator. The vulnerabilit...

8.7CVSS6.8AI score0.00317EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.30 views

EUVD-2020-27897

Malware in sbrugna...

5.9CVSS6.1AI score0.02174EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-14800

Malware in sbrugna...

5.3CVSS5.6AI score0.00889EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-45972

Malicious code in bioql PyPI...

8.1CVSS6.9AI score0.02927EPSS
Exploits0References14
Fedora
Fedora
added 2025/08/22 2:12 a.m.6 views

[SECURITY] Fedora 41 Update: socat-1.8.0.3-1.fc41

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...

9.8CVSS7AI score0.00794EPSS
Exploits0
Fedora
Fedora
added 2025/08/22 2:9 a.m.5 views

[SECURITY] Fedora 42 Update: socat-1.8.0.3-1.fc42

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...

9.8CVSS7AI score0.00794EPSS
Exploits0
CNNVD
CNNVD
added 2024/03/12 12:0 a.m.3 views

Apache Pulsar 访问控制错误漏洞

Apache Pulsar is the United States Apache Apache Foundation for cloud environments, set of messages, storage, lightweight functional computing as one of the distributed message flow platform. The software supports multi-tenant, persistent storage, multi-machine room cross-region data replication,...

8.2CVSS7AI score0.01765EPSS
Exploits0References5
Citrix
Citrix
added 2022/07/06 12:0 a.m.7 views

CWA for Android: We were unable to tunnel through the proxy

Viewer of CWA for Android fail to establish connection to VDA with below given error message We were unable to connect through the proxy. Error - 0 Logs show following error logs 02-10 05:44:55.989 1117 28821 W System.err: Caused by: android.system.GaiException: androidgetaddrinfo failed: EAINODA...

7AI score
Exploits0
Rows per page
Query Builder