Search
Search Results (144 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-8618 | 2 Haxx, Redhat | 3 Curl, Jboss Core Services, Rhel Software Collections | 2024-11-21 | N/A |
| The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables. | ||||
| CVE-2016-8616 | 2 Haxx, Redhat | 3 Curl, Jboss Core Services, Rhel Software Collections | 2024-11-21 | N/A |
| A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped credentials, an attacker can cause that connection to be reused if s/he knows the case-insensitive version of the correct password. | ||||
| CVE-2016-4606 | 2 Apple, Haxx | 2 Mac Os X, Curl | 2024-11-21 | 9.8 Critical |
| Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks. | ||||
| CVE-2003-1605 | 1 Haxx | 1 Curl | 2024-11-20 | N/A |
| curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server. | ||||