Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
haxx vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-8818
curl and libcurl prior to 7.57.0 on 32-bit platforms allow malicious users to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library.
Haxx Curl 7.56.1
Haxx Libcurl 7.56.0
Haxx Libcurl 7.56.1
Haxx Curl 7.56.0
7.5
CVSSv2
CVE-2015-3145
The sanitize_cookie_path function in cURL and libcurl 7.31.0 up to and including 7.41.0 does not properly calculate an index, which allows remote malicious users to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie pa...
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Canonical Ubuntu Linux 12.04
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Haxx Curl 7.37.1
Haxx Curl 7.38.0
Haxx Curl 7.33.0
Haxx Curl 7.34.0
Haxx Curl 7.35.0
Haxx Curl 7.41.0
Haxx Curl 7.36.0
Haxx Curl 7.37.0
Haxx Curl 7.31.0
Haxx Curl 7.32.0
Haxx Curl 7.39.0
Haxx Curl 7.40.0
Apple Mac Os X 10.10.2
Apple Mac Os X 10.10.3
Apple Mac Os X 10.10.0
1 Github repository
7.5
CVSSv2
CVE-2013-0249
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 up to and including 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote malicious users to cause a denial of service (crash) and possib...
Haxx Curl 7.26.0
Haxx Libcurl 7.26.0
Haxx Curl 7.28.1
Haxx Libcurl 7.28.1
Haxx Curl 7.27.0
Haxx Libcurl 7.27.0
Haxx Curl 7.28.0
Haxx Libcurl 7.28.0
Canonical Ubuntu Linux 12.10
1 EDB exploit
6.9
CVSSv2
CVE-2016-4802
Multiple untrusted search path vulnerabilities in cURL and libcurl prior to 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) security.dll, (2) secur32.dll, or (3) ws2_32.dll in ...
Haxx Curl
1 Github repository
6.8
CVSSv2
CVE-2021-22901
curl 7.75.0 up to and including 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote c...
Haxx Curl
Oracle Mysql Server
Oracle Essbase
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Netapp Cloud Backup -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Hci Compute Node Firmware -
Netapp H300e Firmware -
Netapp H300s Firmware -
Netapp H410s Firmware -
Netapp H500e Firmware -
6.8
CVSSv2
CVE-2016-9594
curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable.
Haxx Curl
6.8
CVSSv2
CVE-2016-9586
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it coul...
Haxx Curl
6.8
CVSSv2
CVE-2016-9952
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 up to and including 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote malicious users to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server ce...
Haxx Curl
1 Github repository
6.8
CVSSv2
CVE-2013-2174
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 up to and including 7.30.0 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a &quo...
Haxx Curl 7.7
Haxx Curl 7.9.3
Haxx Curl 7.9.2
Haxx Curl 7.10.1
Haxx Curl 7.7.3
Haxx Curl 7.8
Haxx Curl 7.9.7
Haxx Curl 7.9.6
Haxx Curl 7.10.5
Haxx Curl 7.10.8
Haxx Curl 7.12.1
Haxx Curl 7.12.2
Haxx Curl 7.12.3
Haxx Curl 7.15.1
Haxx Curl 7.15.2
Haxx Curl 7.16.1
Haxx Curl 7.16.0
Haxx Curl 7.19.6
Haxx Curl 7.19.7
Haxx Curl 7.21.6
Haxx Curl 7.21.7
Haxx Curl 7.22.0
6.4
CVSSv2
CVE-2018-16842
Curl versions 7.14.1 up to and including 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
Haxx Curl
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »