Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
haxx vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-0249
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 up to and including 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote malicious users to cause a denial of service (crash) and possib...
Haxx Curl 7.26.0
Haxx Libcurl 7.26.0
Haxx Curl 7.28.1
Haxx Libcurl 7.28.1
Haxx Curl 7.27.0
Haxx Libcurl 7.27.0
Haxx Curl 7.28.0
Haxx Libcurl 7.28.0
Canonical Ubuntu Linux 12.10
1 EDB exploit
7.5
CVSSv2
CVE-2017-8818
curl and libcurl prior to 7.57.0 on 32-bit platforms allow malicious users to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library.
Haxx Curl 7.56.1
Haxx Libcurl 7.56.0
Haxx Libcurl 7.56.1
Haxx Curl 7.56.0
9
CVSSv2
CVE-2015-3144
The fix_hostname function in cURL and libcurl 7.37.0 up to and including 7.41.0 does not properly calculate an index, which allows remote malicious users to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-leng...
Oracle Mysql Enterprise Monitor
Haxx Curl 7.39.0
Haxx Curl 7.40.0
Haxx Curl 7.37.0
Haxx Curl 7.41.0
Haxx Curl 7.37.1
Haxx Curl 7.38.0
Haxx Libcurl 7.40.0
Haxx Libcurl 7.41.0
Haxx Libcurl 7.37.0
Haxx Libcurl 7.37.1
Haxx Libcurl 7.38.0
Haxx Libcurl 7.39
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Debian Debian Linux 7.0
7.5
CVSSv2
CVE-2015-3145
The sanitize_cookie_path function in cURL and libcurl 7.31.0 up to and including 7.41.0 does not properly calculate an index, which allows remote malicious users to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie pa...
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Canonical Ubuntu Linux 12.04
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Haxx Curl 7.37.1
Haxx Curl 7.38.0
Haxx Curl 7.33.0
Haxx Curl 7.34.0
Haxx Curl 7.35.0
Haxx Curl 7.41.0
Haxx Curl 7.36.0
Haxx Curl 7.37.0
Haxx Curl 7.31.0
Haxx Curl 7.32.0
Haxx Curl 7.39.0
Haxx Curl 7.40.0
Apple Mac Os X 10.10.2
Apple Mac Os X 10.10.3
Apple Mac Os X 10.10.0
1 Github repository
5.1
CVSSv2
CVE-2005-0490
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Cu...
Haxx Curl 7.12.1
Haxx Libcurl 7.12.1
6.4
CVSSv2
CVE-2015-3237
The smb_request_state function in cURL and libcurl 7.40.0 up to and including 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
Haxx Libcurl 7.40.0
Haxx Libcurl 7.41.0
Haxx Curl 7.40.0
Haxx Curl 7.41.0
Haxx Curl 7.42.0
Haxx Curl 7.42.1
Haxx Libcurl 7.42.0
Haxx Libcurl 7.42.1
Hp System Management Homepage
Oracle Glassfish Server 3.1.2
Oracle Enterprise Manager Ops Center 12.1.4
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Glassfish Server 3.0.1
4.3
CVSSv2
CVE-2019-5435
An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.
Haxx Curl
5
CVSSv2
CVE-2017-9502
In curl prior to 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap base...
Haxx Curl
1 Github repository
5
CVSSv2
CVE-2017-7468
In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the ol...
Haxx Libcurl
7.5
CVSSv2
CVE-2016-9953
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 up to and including 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote malicious users to obtain sensitive information, cause a denial of service (crash), or possibly have unspec...
Haxx Curl
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »