[UPDATE] [medium] cURL: Multiple vulnerabilities
An attacker can exploit multiple vulnerabilities in cURL to bypass security measures, disclose confidential information, manipulate data, or cause a Denial-of-Service condition.
● Live advisory feed
Security advisories from 24 sources — CISA, CERT-EU, NCSC-UK, BSI, CERT-FR, NCSC-NL, JPCERT/CC, JVN, HKCERT, the Canadian Cyber Centre, NVD, GitHub, Microsoft, Cisco, Fortinet, Palo Alto Networks and more — normalized, translated to English and flagged against the CISA KEV catalog. One global feed for CSIRTs, SOCs and defenders.
An attacker can exploit multiple vulnerabilities in cURL to bypass security measures, disclose confidential information, manipulate data, or cause a Denial-of-Service condition.
An attacker can exploit multiple vulnerabilities in Splunk Splunk Enterprise to bypass security measures, manipulate data, disclose confidential information, or cause a Denial-of-Service condition.
A remote, anonymous attacker can exploit a vulnerability in Cisco Catalyst Center to disclose information.
An attacker can exploit multiple vulnerabilities in CUPS to conduct a denial of service attack.
A remote, authenticated attacker can exploit multiple vulnerabilities in Microsoft Azure and Microsoft Entra to escalate their privileges.
A remote, anonymous attacker can exploit a vulnerability in Microsoft 365 Copilot to escalate their privileges.
A remote, anonymous attacker can exploit multiple vulnerabilities in libssh2 to conduct a denial of service attack or execute code.
A remote, anonymous attacker can exploit a vulnerability in IGEL OS to manipulate files.
A local attacker can exploit a vulnerability in GIMP to conduct a denial of service attack and potentially execute arbitrary code.
A remote, anonymous attacker can exploit a vulnerability in nghttp2 to manipulate data.
An attacker can exploit multiple vulnerabilities in vim to conduct a denial of service attack, disclose information, and execute arbitrary code.
An attacker can exploit multiple vulnerabilities in vim to execute arbitrary code and conduct a denial of service attack.
A remote, anonymous attacker can exploit a vulnerability in vim to conduct a denial of service attack.
An attacker can exploit multiple vulnerabilities in vim to conduct a denial of service attack or execute arbitrary code.
An attacker can exploit a vulnerability in vim to conduct a denial of service attack.
A remote, anonymous attacker can exploit a vulnerability in vim to manipulate files.
An attacker can exploit multiple vulnerabilities in IBM WebSphere Application Server to bypass security measures and execute code.
A remote, anonymous attacker can exploit a vulnerability in Evince to execute arbitrary code.
An attacker from an adjacent network can exploit multiple vulnerabilities in IBM WebSphere Application Server to conduct a denial of service attack or disclose information.
An attacker can exploit multiple vulnerabilities in the Linux Kernel to carry out unspecified attacks that may lead to a denial-of-service condition or cause memory corruption.
A local attacker can exploit a vulnerability in the Linux Kernel to carry out a denial of service attack.
A remote, anonymous attacker can exploit a vulnerability in the Linux Kernel to carry out a denial of service attack.
A remote, anonymous attacker can exploit multiple vulnerabilities in Red Hat Software Collections to compromise the confidentiality, availability, and integrity of the applications.
An attacker can exploit multiple vulnerabilities in Mozilla Thunderbird to conduct a denial of service attack and to present false information.
An attacker can exploit multiple vulnerabilities in Ubiquiti UniFi to execute arbitrary code, conduct an SQL injection attack, escalate privileges, bypass security measures, conduct a denial of service attack, manipulate data, and disclose information.
A remote, authenticated attacker can exploit multiple vulnerabilities in Drupal to conduct a cross-site scripting attack, bypass security measures, and manipulate data.
A remote, authenticated attacker can exploit multiple vulnerabilities in Elasticsearch to conduct a denial of service attack.
A remote, authenticated attacker can exploit multiple vulnerabilities in Kibana to conduct a denial of service attack, execute arbitrary code, bypass security measures, and disclose confidential information.
An attacker can exploit multiple vulnerabilities in OPNsense to execute arbitrary code with administrative privileges, bypass security measures, conduct a Cross-Site Scripting attack, manipulate files, disclose information, and perform a Denial of Service attack.
A remote, anonymous attacker can exploit multiple vulnerabilities in Apache HttpComponents Core to perform a Denial of Service attack.
An attacker can exploit multiple vulnerabilities in MediaWiki to conduct Cross-Site Scripting attacks, redirect users to malicious websites, bypass authentication, or perform SQL injection attacks.
An attacker can exploit multiple vulnerabilities in IBM DataPower Gateway to perform a Denial of Service attack, disclose information, and manipulate data.
A remote, authenticated attacker can exploit a vulnerability in Fleet to perform a Denial of Service attack.
A remote, authenticated attacker can exploit a vulnerability in Hashicorp Vault to bypass security measures.
An attacker can exploit multiple vulnerabilities in IBM WebSphere Application Server to conduct a Cross-Site Scripting attack and disclose confidential information.
An attacker can exploit multiple vulnerabilities in IBM WebSphere Application Server to execute arbitrary code, perform a Denial of Service attack, bypass security measures, disclose information, and escalate privileges.
An attacker can exploit multiple vulnerabilities in IBM WebSphere Application Server Liberty and IBM WebSphere Application Server to manipulate files, conduct a Cross-Site Scripting attack, execute arbitrary code, disclose information, and perform a Denial of Service attack.
An attacker can exploit a vulnerability in Perl to perform an unspecified attack.
An attacker can exploit multiple vulnerabilities in IBM App Connect Enterprise Certified Container to execute arbitrary code, bypass security measures, conduct Cross-Site Scripting attacks, manipulate data, disclose confidential information, or cause a Denial of Service condition…
A remote, authenticated attacker can exploit a vulnerability in Microsoft SharePoint Server 2016, Microsoft SharePoint Server 2019, and Microsoft SharePoint to execute arbitrary program code.
An attacker can exploit multiple vulnerabilities in IBM DB2 to escalate privileges and conduct a denial of service attack.
A remote, anonymous attacker can exploit multiple vulnerabilities in FreeRDP to cause a denial of service or potentially execute arbitrary program code.
An attacker can exploit multiple vulnerabilities in Vercel Next.js to conduct a denial of service attack.
A remote, anonymous attacker can exploit a vulnerability in avahi-daemon to conduct a denial of service attack.
A remote, anonymous attacker can exploit multiple vulnerabilities in Red Hat Enterprise Linux to conduct a denial of service attack.
A local attacker can exploit a vulnerability in the glib library of Red Hat Enterprise Linux to conduct a denial of service attack and cause further unspecified impacts.
A remote, anonymous attacker can exploit multiple vulnerabilities in Oracle Java SE to compromise confidentiality, integrity, and availability.
A remote, anonymous attacker can exploit multiple vulnerabilities in FreeRDP to cause a denial-of-service condition or possibly execute arbitrary code.
An attacker can exploit multiple vulnerabilities in Node.js to execute arbitrary code, gain elevated privileges, bypass security measures, manipulate data, and disclose confidential information.
A remote attacker can exploit multiple vulnerabilities in FreeRDP to potentially cause a denial-of-service condition, execute arbitrary code, manipulate data, or disclose confidential information.