CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in curl

There is an information disclosure vulnerability in curl v8.1.0 when performing HTTPS transfers. libcurl may incorrectly use the read callback CURLOPTREADFUNCTION to request data to be sent, even when the CURLOPTPOSTFIELDS option is set. This occurs if the same handle was previously used to issue...

5.3CVSS6.2AI score0.02211EPSS

Exploits1References2

OSV•added 2026/05/04 1:12 p.m.•7 views

JLSEC-2026-410

An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously wasused to issue a PUT request...

5.3CVSS6.6AI score0.02211EPSS

Exploits1References24

OSV•added 2026/05/04 1:12 p.m.•7 views

JLSEC-2026-396

When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the...

9.8CVSS7.2AI score0.04325EPSS

Exploits1References22

Tenable Nessus•added 2026/01/09 12:0 a.m.•5 views

Siemens Ruggedcom ROX Missing Encryption of Sensitive Data (CVE-2023-28322)

5.3CVSS6.2AI score0.02211EPSS

Exploits1References5

Tenable Nessus•added 2025/11/13 12:0 a.m.•7 views

Siemens SIMATIC S7-1500 Expected Behavior Violation (CVE-2022-32221)

9.8CVSS6.7AI score0.04325EPSS

Exploits1References5

Microsoft CVE•added 2024/06/30 2:0 p.m.•5 views

When doing HTTP(S) transfers libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send even when the `CURLOPT_POSTFIELDS` option has been set if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.

...

9.8CVSS7.5AI score0.04325EPSS

Exploits1

Microsoft CVE•added 2023/05/27 7:0 a.m.•5 views

An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send even when the `CURLOPT_POSTFIELDS` option has been set if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.

...

5.3CVSS6.6AI score0.02211EPSS

Exploits1

OSV•added 2023/05/26 9:15 p.m.•5 views

AZL-38070 CVE-2023-28322 affecting package tensorflow for versions less than 2.16.1-1

3.7CVSS6.5AI score0.02211EPSS

Exploits1References1

OSV•added 2023/05/26 9:15 p.m.•6 views

AZL-26792 CVE-2023-28322 affecting package curl for versions less than 8.0.1-2

3.7CVSS6.5AI score0.02211EPSS

Exploits1References1

OSV•added 2023/05/26 9:15 p.m.•4 views