| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-9586 | 6.8 |
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary
|
29-06-2021 - 15:15 | 23-04-2018 - 18:29 | |
| CVE-2018-16839 | 7.5 |
Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.
|
09-10-2019 - 23:36 | 31-10-2018 - 18:29 | |
| CVE-2018-16842 | 6.4 |
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
|
06-08-2019 - 17:15 | 31-10-2018 - 19:29 | |
| CVE-2016-7167 | 7.5 |
Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a h
|
13-11-2018 - 11:29 | 07-10-2016 - 14:59 | |
| CVE-2016-7141 | 5.0 |
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file
|
13-11-2018 - 11:29 | 03-10-2016 - 21:59 |