| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-3822 | 7.5 |
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents
|
15-06-2021 - 16:45 | 06-02-2019 - 20:29 | |
| CVE-2019-3823 | 5.0 |
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed n
|
09-03-2021 - 15:15 | 06-02-2019 - 20:29 | |
| CVE-2018-16890 | 5.0 |
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subjec
|
18-09-2020 - 16:33 | 06-02-2019 - 20:29 | |
| CVE-2018-20483 | 2.1 |
set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credent
|
24-08-2020 - 17:37 | 26-12-2018 - 18:29 | |
| CVE-2018-2048 | 5.0 |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.
|
22-01-2019 - 18:15 | 22-01-2019 - 18:15 |