When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and...
7.5CVSS
7.5AI Score
0.014EPSS
7.8CVSS
7.9AI Score
0.001EPSS
5.5CVSS
5.9AI Score
0.0005EPSS
7.8CVSS
7.9AI Score
0.0005EPSS
7.8CVSS
8.4AI Score
0.0005EPSS
7.8CVSS
7.9AI Score
0.0005EPSS
7.8CVSS
7.9AI Score
0.0005EPSS
8.8CVSS
9AI Score
0.001EPSS
7.5CVSS
8.3AI Score
0.001EPSS
5.3CVSS
6.7AI Score
0.003EPSS
7.8CVSS
8.1AI Score
0.0004EPSS
7CVSS
6.8AI Score
0.0004EPSS
5.5CVSS
6.8AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.001EPSS
7.5CVSS
8.3AI Score
0.001EPSS
8.1CVSS
8.4AI Score
0.005EPSS
7.5CVSS
7.6AI Score
0.001EPSS
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
7.5CVSS
7.9AI Score
0.006EPSS
6.5CVSS
6.7AI Score
0.001EPSS
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is...
9.8CVSS
9.6AI Score
0.003EPSS
8.1CVSS
8.4AI Score
0.005EPSS
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
7.8CVSS
7.9AI Score
0.0005EPSS
8.1CVSS
8.4AI Score
0.005EPSS
8.1CVSS
8.4AI Score
0.005EPSS
8.1CVSS
8.4AI Score
0.005EPSS
8.1CVSS
8.4AI Score
0.005EPSS
8.1CVSS
8.4AI Score
0.005EPSS
7.8CVSS
8AI Score
0.0005EPSS
8.1CVSS
8.4AI Score
0.005EPSS
8.1CVSS
8.4AI Score
0.005EPSS
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG ...
7.5CVSS
7.7AI Score
0.05EPSS
8.1CVSS
8AI Score
0.002EPSS
7.8CVSS
7.9AI Score
0.001EPSS
8CVSS
8.2AI Score
0.004EPSS
Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability
6.6CVSS
7AI Score
0.002EPSS
7CVSS
7.2AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.001EPSS
6.5CVSS
6.2AI Score
0.001EPSS
7.5CVSS
7.2AI Score
0.004EPSS
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
4.9CVSS
5.6AI Score
0.001EPSS
6.5CVSS
6.3AI Score
0.001EPSS
6.5CVSS
6.2AI Score
0.001EPSS
6.1CVSS
8.7AI Score
0.0004EPSS
6.6CVSS
6.8AI Score
0.001EPSS
6.7CVSS
8.7AI Score
0.0004EPSS
8.8CVSS
8.4AI Score
0.003EPSS
8.8CVSS
9AI Score
0.001EPSS
6.5CVSS
6.3AI Score
0.001EPSS
7.8CVSS
8.2AI Score
0.001EPSS