|Max CVSS||7.5||Min CVSS||5.0||Total Count||6|
|ID||CVSS||Summary||Last (major) update||Published|
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
|31-10-2018 - 15:29||31-10-2018 - 15:29|
Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.
|31-10-2018 - 14:29||31-10-2018 - 14:29|
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary
|23-04-2018 - 14:29||23-04-2018 - 14:29|
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to th
|17-10-2016 - 22:45||07-07-2004 - 00:00|
Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a h
|11-10-2016 - 08:17||07-10-2016 - 10:59|
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file
|04-10-2016 - 13:27||03-10-2016 - 17:59|