CVSS: 9.8EPSS: 1%CPEs: 17EXPL: 0CVE-2018-1000120 – curl: FTP path trickery leads to NIL byte out of bounds write
https://notcve.org/view.php?id=CVE-2018-1000120
14 Mar 2018 — A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. Existe un desbordamiento de búfer en curl, de la versión 7.12.3 a la 7.58.0, en la gestión de URL FTP que permite que un atacante provoque una denegación de servicio (DoS) o algo peor. It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an applic... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 2%CPEs: 17EXPL: 0CVE-2018-1000121 – curl: LDAP NULL pointer dereference
https://notcve.org/view.php?id=CVE-2018-1000121
14 Mar 2018 — A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service Existe una desreferencia de puntero NULL en curl, de la versión 7.21.0 a la 7.58.0, en el código LDAP que permite que un atacante provoque una denegación de servicio (DoS). A NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldap_get_attribute_ber() function. A malicious LDAP server could use this flaw to crash a l... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.1EPSS: 1%CPEs: 17EXPL: 0CVE-2018-1000122 – curl: RTSP RTP buffer over-read
https://notcve.org/view.php?id=CVE-2018-1000122
14 Mar 2018 — A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage Existe una sobrelectura de búfer en curl, de la versión 7.20.0 a la 7.58.0, en el código de gestión RTSP+RTP que permite que un atacante provoque una denegación de servicio (DoS) o una fuga de información. Phan Thanh discovered that curl incorrectly handled certain FTP paths. An attacker could use this to cause a denial of service or ... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 6.1EPSS: 8%CPEs: 81EXPL: 3CVE-2015-9251 – jquery: Cross-site scripting via cross-domain ajax requests
https://notcve.org/view.php?id=CVE-2015-9251
18 Jan 2018 — jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. jQuery en versiones anteriores a la 3.0.0 es vulnerable a ataques de Cross-site Scripting (XSS) cuando se realiza una petición Ajax de dominios cruzados sin la opción dataType. Esto provoca que se ejecuten respuestas de texto/javascript. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applic... • https://github.com/halkichi0308/CVE-2015-9251 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 5%CPEs: 36EXPL: 0CVE-2016-0635
https://notcve.org/view.php?id=CVE-2016-0635
21 Jul 2016 — Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle Healthcare Master Person Index component in Oracle Health Sciences Applications 2.0.12, 3.0.0, and 4.0.1; the Oracle Documaker component in Oracle Insurance Applications before 12.5; the Oracle Insurance Calculation Engine componen... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2016-3494
https://notcve.org/view.php?id=CVE-2016-3494
21 Jul 2016 — Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2 allows remote attackers to affect availability via vectors related to OS Provisioning. Vulnerabilidad no especificada en el componente Enterprise Manager Ops Center en Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2 y 12.3.2 permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con OS Provisioning. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 8.1EPSS: 73%CPEs: 21EXPL: 0CVE-2016-5385 – PHP: sets environmental variable based on user supplied Proxy request header
https://notcve.org/view.php?id=CVE-2016-5385
19 Jul 2016 — PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issu... • http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html • CWE-20: Improper Input Validation CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.1EPSS: 77%CPEs: 52EXPL: 0CVE-2016-5387 – HTTPD: sets environmental variable based on user supplied Proxy request header
https://notcve.org/view.php?id=CVE-2016-5387
18 Jul 2016 — The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID fo... • http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 7%CPEs: 14EXPL: 0CVE-2015-3237 – Gentoo Linux Security Advisory 201509-02
https://notcve.org/view.php?id=CVE-2015-3237
22 Jun 2015 — The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values. La función smb_request_state en cURL y libcurl 7.40.0 hasta 7.42.1 permite a servidores SMB remotos obtener información sensible de la memoria o causar una denegación de servicio (lectura fuera de rango y caída) a través de valores de longitud y desplazamiento manipulado... • http://curl.haxx.se/docs/adv_20150617B.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 4%CPEs: 12EXPL: 0CVE-2015-3153 – Debian Security Advisory 3240-1
https://notcve.org/view.php?id=CVE-2015-3153
30 Apr 2015 — The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents. La configuración por defecto para cURL y libcurl anterior a 7.42.1 envía cabeceras HTTP personalizadas tanto al servidor proxy como al de destinación, lo que podría permitir a servidores proxy remotos obtener información sensible mediante la lectura de los contenidos de cabeceras... • http://curl.haxx.se/docs/adv_20150429.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •