Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
curl curl 7.14 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2005-4077
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 up to and including 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating...
Daniel Stenberg Curl 7.13
Daniel Stenberg Curl 7.13.1
Daniel Stenberg Curl 7.11.2
Daniel Stenberg Curl 7.13.2
Daniel Stenberg Curl 7.14
Daniel Stenberg Curl 7.12.2
Daniel Stenberg Curl 7.12.3
Daniel Stenberg Curl 7.12
Daniel Stenberg Curl 7.12.1
Daniel Stenberg Curl 7.14.1
Daniel Stenberg Curl 7.15
6.8
CVSSv2
CVE-2009-0037
The redirect implementation in curl and libcurl 5.11 up to and including 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary...
Curl Curl 6.3.1
Curl Curl 6.4
Curl Curl 7.2
Curl Curl 7.3
Curl Curl 7.6
Curl Curl 7.6.1
Curl Curl 7.8.1
Curl Curl 7.8.2
Curl Curl 7.9.6
Curl Curl 7.9.7
Curl Curl 7.10.5
Curl Curl 7.10.6
Curl Curl 7.13.2
Curl Curl 7.14
Curl Curl 7.19.3
Curl Libcurl 7.12
Curl Libcurl 7.14.1
Curl Libcurl 7.15
Curl Libcurl 7.15.1
Curl Curl 6.5
Curl Curl 6.5.1
Curl Curl 7.4
1 EDB exploit
1 Github repository
6.8
CVSSv2
CVE-2010-0734
content_encoding.c in libcurl 7.10.5 up to and including 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote malicious users to cause a denial of service (appli...
Curl Libcurl 7.10.8
Curl Libcurl 7.11.0
Curl Libcurl 7.12.3
Curl Libcurl 7.13
Curl Libcurl 7.15.2
Curl Libcurl 7.15.3
Curl Libcurl 7.19.1
Curl Libcurl 7.19.2
Curl Libcurl 7.10.5
Curl Libcurl 7.10.6
Curl Libcurl 7.10.7
Curl Libcurl 7.12.1
Curl Libcurl 7.12.2
Curl Libcurl 7.15
Curl Libcurl 7.15.1
Curl Libcurl 7.18.2
Curl Libcurl 7.19.0
Curl Libcurl 7.19.7
Curl Libcurl 7.12
Curl Libcurl 7.12.0
Curl Libcurl 7.14
Curl Libcurl 7.14.1
7.5
CVSSv2
CVE-2009-2417
lib/ssluse.c in cURL and libcurl 7.4 up to and including 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoo...
Curl Libcurl 7.4
Curl Libcurl 7.4.1
Curl Libcurl 7.7
Curl Libcurl 7.7.1
Curl Libcurl 7.7.2
Curl Libcurl 7.9.3
Curl Libcurl 7.9.5
Curl Libcurl 7.10.3
Curl Libcurl 7.10.4
Curl Libcurl 7.12.0
Curl Libcurl 7.17.0
Curl Libcurl 7.19.2
Curl Libcurl 7.19.3
Curl Libcurl 7.13.1
Curl Libcurl 7.12.3
Libcurl Libcurl 7.15.1
Libcurl Libcurl 7.14
Curl Libcurl 7.15.3
Libcurl Libcurl 7.13
Curl Libcurl 7.4.2
Curl Libcurl 7.5
Curl Libcurl 7.7.3
7.5
CVSSv2
CVE-2007-3564
libcurl 7.14.0 up to and including 7.16.3, when built with GnuTLS support, does not check SSL/TLS certificate expiration or activation dates, which allows remote malicious users to bypass certain access restrictions.
Libcurl Libcurl 7.15.2
Libcurl Libcurl 7.15.3
Libcurl Libcurl 7.15
Libcurl Libcurl 7.15.1
Libcurl Libcurl 7.16.3
Libcurl Libcurl 7.14
Libcurl Libcurl 7.14.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started