Nessus Network Monitor < 6.5.4 Multiple Vulnerabilities (TNS-2026-14)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.5.4. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2026-14 advisory. - An integer overflow can be triggered in SQLite's concatws function. The resulting,...

Astra Linux - уязвимость в curl

When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...

K000160935: Curl vulnerability CVE-2025-14017

Security Advisory Description When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific...

EulerOS Virtualization 2.10.0 : curl (EulerOS-SA-2026-1552)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that...

EulerOS 2.0 SP12 : curl (EulerOS-SA-2026-1355)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally an...

EulerOS Virtualization 2.12.0 : curl (EulerOS-SA-2026-1478)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl,changing TLS options in one thread would inadvertently change th...

USN-8062-2 curl vulnerabilities

USN-8062-1 fixed vulnerabilities in curl. This update provides the corresponding update for CVE-2025-14017, CVE-2025-15079, and CVE-2025-15224 for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that curl incorrectly handled...

CVE-2025-70043

CVE-2025-70043 affects Ayms node-To master. Root cause: TLS certificate validation is disabled via rejectUnauthorized: false in TLS socket options (CWE-295). This improper certificate validation could enable man-in-the-middle attacks. Documents consistently describe the condition but do not provi...

Medium: curl

Issue Overview: curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more. CVE-2025-10966 broken TLS options for threaded LDAPS NOTE:...

SUSE-SU-2026:0508-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. - CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. - CVE-2025-14819: libssh global knownhost override bsc1255732. - CVE-2025-15079: libssh key...

Fedora: Security Advisory (FEDORA-2026-3f0f0f85be)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : curl (2026-3f0f0f85be)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3f0f0f85be advisory. - fix broken TLS options for threaded LDAPS CVE-2025-14017 Tenable has extracted the preceding description block directly from the Fedora security advisory...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: curl (UTSA-2026-004936)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004936 advisory. When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: curl (UTSA-2026-004928)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004928 advisory. When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore...

SUSE-SU-2026:0221-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105...

openSUSE 16 Security Update : curl (openSUSE-SU-2026:20031-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20031-1 advisory. This update for curl fixes the following issues: - CVE-2025-14017: broken TLS options for threaded LDAPS bsc1256105. - CVE-2025-14524: bearer...

SUSE-SU-2026:20110-1 Security update for curl

This update for curl fixes the following issues: This update for curl fixes the following issues: - CVE-2025-14017: broken TLS options for threaded LDAPS bsc1256105. - CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. - CVE-2025-14819: libssh global knownhost override...

SUSE-SU-2026:20082-1 Security update for curl

This update for curl fixes the following issues: This update for curl fixes the following issues: - CVE-2025-14017: broken TLS options for threaded LDAPS bsc1256105. - CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. - CVE-2025-14819: libssh global knownhost override...

SUSE-SU-2026:0119-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105...

openSUSE 15 Security Update : curl (SUSE-SU-2026:0077-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0077-1 advisory. - CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. Tenable has extracted the preceding description block directly from the SUSE securi...