Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libcurl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-6086
libs/zbxmedia/eztexting.c in Zabbix 1.8.x prior to 1.8.18rc1, 2.0.x prior to 2.0.8rc1, and 2.1.x prior to 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary valid certific...
Zabbix Zabbix 2.0.0
Zabbix Zabbix 2.0.1
Zabbix Zabbix 2.0.6
Zabbix Zabbix 2.1.0
Zabbix Zabbix 2.1.1
Zabbix Zabbix 2.0.5
Zabbix Zabbix 1.8.1
Zabbix Zabbix 1.8.10
Zabbix Zabbix 2.0.3
Zabbix Zabbix 1.8.16
Zabbix Zabbix 2.0.2
Zabbix Zabbix 2.0.4
Zabbix Zabbix 1.8.15
5.3
CVSSv3
CVE-2021-22925
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized ...
Haxx Curl
Fedoraproject Fedora 33
Netapp Cloud Backup -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Apple Macos 11.0
Apple Mac Os X 10.15.7
Apple Macos 11.0.1
Apple Macos 11.1
Apple Macos 11.1.0
Apple Macos 11.2
Apple Macos 11.2.1
Apple Macos 11.3
Apple Macos 11.3.1
Apple Macos 11.4
Apple Macos 11.5
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Server
Siemens Sinec Infrastructure Network Services
8.1
CVSSv3
CVE-2021-22901
curl 7.75.0 up to and including 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote c...
Haxx Curl
Oracle Mysql Server
Oracle Essbase
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Netapp Cloud Backup -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Hci Compute Node Firmware -
Netapp H300e Firmware -
Netapp H300s Firmware -
Netapp H410s Firmware -
Netapp H500e Firmware -
8.1
CVSSv3
CVE-2016-9952
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 up to and including 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote malicious users to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server ce...
Haxx Curl
1 Github repository
7.8
CVSSv3
CVE-2018-20483
set_file_metadata in xattr.c in GNU Wget prior to 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the U...
Gnu Wget
1 Article
9.8
CVSSv3
CVE-2018-16840
A heap use-after-free flaw was found in curl versions from 7.59.0 up to and including 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulli...
Haxx Curl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
7.5
CVSSv3
CVE-2023-28319
A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the ...
Haxx Curl
Apple Macos
Netapp Clustered Data Ontap -
Netapp Ontap Antivirus Connector -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
1 Github repository
5.3
CVSSv3
CVE-2016-3739
The (1) mbed_connect_step1 function in lib/vtls/mbedtls.c and (2) polarssl_connect_step1 function in lib/vtls/polarssl.c in cURL and libcurl prior to 7.49.0, when using SSLv3 or making a TLS connection to a URL that uses a numerical IP address, allow remote malicious users to spo...
Haxx Curl 7.21.3
Haxx Curl 7.24.0
Haxx Curl 7.35.0
Haxx Curl 7.21.5
Haxx Curl 7.21.1
Haxx Curl 7.32.0
Haxx Curl 7.40.0
Haxx Curl 7.29.0
Haxx Curl 7.48.0
Haxx Curl 7.22.0
Haxx Curl 7.33.0
Haxx Curl 7.45.0
Haxx Curl 7.44.0
Haxx Curl 7.26.0
Haxx Curl 7.23.1
Haxx Curl 7.25.0
Haxx Curl 7.36.0
Haxx Curl 7.21.6
Haxx Curl 7.30.0
Haxx Curl 7.27.0
Haxx Curl 7.38.0
Haxx Curl 7.21.2
7.3
CVSSv3
CVE-2016-0755
The ConnectionExists function in lib/url.c in libcurl prior to 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote malicious users to authenticate as other users via a request, a similar issue to CVE-2014-0015.
Haxx Curl
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 7.0
9.8
CVSSv3
CVE-2016-9953
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 up to and including 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote malicious users to obtain sensitive information, cause a denial of service (crash), or possibly have unspec...
Haxx Curl
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »