CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

138 matches found

Tenable Nessus•added 2024/12/12 12:0 a.m.•17 views

EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-2964)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is...

6.5CVSS7.2AI score0.00559EPSS

Exploits1References2

Debian•added 2024/11/14 3:14 p.m.•12 views

[SECURITY] [DLA 3951-1] curl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3951-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA November 14, 2024 https://wiki.debian.org/LTS -...

6.5CVSS6.1AI score0.00559EPSS

Exploits1

Tenable Nessus•added 2024/11/14 12:0 a.m.•14 views

Debian dla-3951 : curl - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3951 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3951-1 [email protected] https://www.debian.org/lts/security/...

6.5CVSS7.2AI score0.00559EPSS

Exploits1References4

OpenVAS•added 2024/11/11 12:0 a.m.•13 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2825)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.7AI score0.00796EPSS

Exploits2References3

OpenVAS•added 2024/11/11 12:0 a.m.•9 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2901)

6.5CVSS6.7AI score0.00796EPSS

Exploits2References3

Tenable Nessus•added 2024/11/08 12:0 a.m.•10 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2024-2825)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field,...

6.5CVSS7.2AI score0.00796EPSS

Exploits2References3

Tenable Nessus•added 2024/11/08 12:0 a.m.•15 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2024-2901)

6.5CVSS7.2AI score0.00796EPSS

Exploits2References3

Tenable Nessus•added 2024/11/08 12:0 a.m.•13 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2024-2809)

6.5CVSS7.2AI score0.00796EPSS

Exploits2References3

Tenable Nessus•added 2024/11/08 12:0 a.m.•10 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2024-2882)

6.5CVSS7.2AI score0.00796EPSS

Exploits2References3

Microsoft CVE•added 2024/10/01 7:0 a.m.•2 views

OCSP stapling bypass with GnuTLS

...

6.5CVSS6.3AI score0.00559EPSS

Exploits1

F5 Networks•added 2024/09/17 9:59 p.m.•39 views

K000141099: Curl vulnerability CVE-2024-8096

Security Advisory Description When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned...

6.5CVSS7.4AI score0.00559EPSS

Exploits1

Tenable Nessus•added 2024/09/13 12:0 a.m.•40 views

Curl 7.41.0 < 8.10.0 Security Bypass (CVE-2024-8096)

The version of Curl installed on the remote host is between 7.41.0 prior to 8.10.0. It is, therefore, affected by a security bypass vulnerability. When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is...

6.5CVSS7.2AI score0.00559EPSS

Exploits1References2

OpenVAS•added 2024/09/12 12:0 a.m.•17 views

openSUSE Security Advisory (SUSE-SU-2024:3204-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.7AI score0.00559EPSS

Exploits1References4

Tenable Nessus•added 2024/09/12 12:0 a.m.•22 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : curl (SUSE-SU-2024:3211-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3211-1 advisory. - CVE-2024-8096: OCSP stapling bypass with GnuTLS. bsc1230093 Tenable has extracted the preceding...

6.5CVSS7.3AI score0.00559EPSS

Exploits1References4

OSV•added 2024/09/11 3:40 p.m.•14 views

SUSE-SU-2024:3211-1 Security update for curl

This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. bsc1230093...

6.5CVSS6.7AI score0.00559EPSS

Exploits1References3

NVD•added 2024/09/11 10:15 a.m.•10 views

CVE-2024-8096

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

6.5CVSS0.00559EPSS

Exploits1References6

OSV•added 2024/09/11 10:15 a.m.•5 views

AZL-49038 CVE-2024-8096 affecting package curl for versions less than 8.8.0-3

6.5CVSS7AI score0.00559EPSS

Exploits1References1

OSV•added 2024/09/11 10:15 a.m.•0 views

AZL-49132 CVE-2024-8096 affecting package mysql for versions less than 8.0.36-1

6.5CVSS5.8AI score0.00559EPSS

Exploits1References1

OSV•added 2024/09/11 10:15 a.m.•1 views

DEBIAN-CVE-2024-8096