curl - HackerOne Reports
Total Reports: 173 | Critical: 7 | High: 25 | Medium: 62 | Low: 61
CVE-2025-4947: QUIC certificate check skip with wolfSSL
Reported by: kurohiro | Disclosed:
Medium
Weakness: Improper Validation of Certificate with Host Mismatch
Integer overflow in the source code tool_cb_prg.c
Reported by: sfpskywood | Disclosed:
Weakness: Integer Overflow
HTTP/3 Stream Dependency Cycle Exploit
Reported by: evilginx | Disclosed:
High
Weakness: Improper Input Validation
CVE-2024-2004: Usage of disabled protocol
Reported by: dfandrich | Disclosed:
Low
Weakness: Misinterpretation of Input
CVE-2019-5443: Windows Privilege Escalation: Malicious OpenSSL Engine
Reported by: mirchr | Disclosed:
High
Weakness: Code Injection
Bounty: $200.00
cookie is sent on redirect
Reported by: iylz | Disclosed:
Medium
Weakness: Insufficiently Protected Credentials
CVE-2019-5482: Heap buffer overflow in TFTP when using small blksize
Reported by: thomas_v | Disclosed:
Medium
Weakness: Heap Overflow
CVEs: CVE-2019-5436
CVE-2023-27538: SSH connection too eager reuse still
Reported by: nyymi | Disclosed:
Low
Weakness: Authentication Bypass by Primary Weakness
CVE-2022-32207: Unpreserved file permissions
Reported by: nyymi | Disclosed:
Medium
Weakness: Business Logic Errors
Memory Leak in libcurl via Location Header Handling (CWE-770)
Reported by: darkroomdragon | Disclosed:
High
Weakness: Allocation of Resources Without Limits or Throttling
CVE-2022-27776: Auth/cookie leak on redirect
Reported by: nyymi | Disclosed:
Medium
Weakness: Insufficiently Protected Credentials
CVEs: CVE-2022-27774
Incorrect Encoding Conversion in hostname results in indeterminate SSRF vulnerabilities
Reported by: z3r0yu | Disclosed:
Low
Weakness: Type Confusion
huge COLUMNS causes progress-bar to buffer overflow
Reported by: pendrek | Disclosed:
Low
Weakness: Classic Buffer Overflow
CVE-2021-22945: UAF and double-free in MQTT sending
Reported by: z2_ | Disclosed:
Medium
Weakness: Double Free
CVE-2020-8231: Connect-only connections can use the wrong connection
Reported by: m42a | Disclosed:
Low
Weakness: Information Disclosure
Buffer overflow in strcpy
Reported by: rootgh0st | Disclosed:
Critical
Weakness: Buffer Underflow
CVE-2021-22925: TELNET stack contents disclosure again
Reported by: thoger | Disclosed:
Low
Weakness: Information Disclosure
CVEs: CVE-2021-22898
SMB access smuggling via FILE URL on Windows
Reported by: fms | Disclosed:
Weakness: Improper Input Validation
Bounty: $400.00
HTTP/2 PUSH_PROMISE DoS
Reported by: w0x42 | Disclosed:
Medium
Weakness: Uncontrolled Resource Consumption
CVE-2023-38546: cookie injection with none file
Reported by: w0x42 | Disclosed:
Low
Weakness: External Control of File Name or Path