Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
curl project curl - vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2014-5000
The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.
Lawn-login Project Lawn-login 0.0.7
5
CVSSv2
CVE-2021-28941
Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file, when you send a request to the /scripts/magpie_debug.php or /scripts/magpie_simple.php page, it's possible to request any internal page if you use a https request.
Magpierss Project Magpierss 0.72
7.5
CVSSv2
CVE-2021-28940
Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc file, it is possible to add a extra command to the curl binary. This creates an issue on the /scripts/magpie_debug.php and /scripts/magpie_simple.php page that if you send a specific ...
Magpierss Project Magpierss 0.72
6.5
CVSSv2
CVE-2020-26222
Dependabot is a set of packages for automated dependency management for Ruby, JavaScript, Python, PHP, Elixir, Rust, Java, .NET, Elm and Go. In Dependabot-Core from version 0.119.0.beta1 before version 0.125.1, there is a remote code execution vulnerability in dependabot-common a...
Dependabot Project Dependabot 0.119.0
Dependabot Project Dependabot
4.3
CVSSv2
CVE-2015-8861
The handlebars package prior to 4.0.0 for Node.js allows remote malicious users to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted.
Handlebars.js Project Handlebars.js
1 Github repository
4.3
CVSSv2
CVE-2015-8862
mustache package prior to 2.2.1 for Node.js allows remote malicious users to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted.
Mustache.js Project Mustache.js
NA
CVE-2023-35934
yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent ...
Yt-dlp Project Yt-dlp
Youtube-dlc Project Youtube-dlc
Yt-dl Youtube-dl
Fedoraproject Fedora 37
Fedoraproject Fedora 38
10
CVSSv2
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Nagios Nagios
Wordpress Wordpress
4.3
CVSSv2
CVE-2019-20503
usrsctp prior to 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
Usrsctp Project Usrsctp
1 Article
7.5
CVSSv2
CVE-2005-0158
Format string vulnerability in bidwatcher prior to 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses.
Bidwatcher Bidwatcher 1.0.5
Bidwatcher Bidwatcher 1.1.7
Bidwatcher Bidwatcher 1.3.1
Bidwatcher Bidwatcher 1.3.11
Bidwatcher Bidwatcher 1.3.16
Bidwatcher Bidwatcher 1.3.3
Bidwatcher Bidwatcher 1.1.2
Bidwatcher Bidwatcher 1.1.8
Bidwatcher Bidwatcher 1.3.0 Beta
Bidwatcher Bidwatcher 1.3.10
Bidwatcher Bidwatcher 1.3.2
Bidwatcher Bidwatcher 1.3.4
Bidwatcher Bidwatcher 1.3.12
Bidwatcher Bidwatcher 1.3.13
Bidwatcher Bidwatcher 1.3.14
Bidwatcher Bidwatcher 1.3.15
Bidwatcher Bidwatcher 1.1.9
Bidwatcher Bidwatcher 1.1.9.1
Bidwatcher Bidwatcher 1.1.9.2
Bidwatcher Bidwatcher 1.2.0
Bidwatcher Bidwatcher 1.3.5
Bidwatcher Bidwatcher 1.3.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »