curl - HackerOne Reports
Total Reports: 247
Critical: 13
High: 47
Medium: 82
Low: 64
Potential XSS vector in curl via unsanitized URL parameter handling
Reported by: redfoxsec | Disclosed:
Severity: High
Weakness: Code Injection
NULL dereference when encoding DN of x509 certificate
Reported by: z2_ | Disclosed:
Severity: Low
Weakness: NULL Pointer Dereference
Use after free (or assert triggered) with failed allocations in openssl
Reported by: catenacyber | Disclosed:
Weakness: Use After Free
CVE-2021-22897: schannel cipher selection surprise
Reported by: nyymi | Disclosed:
Severity: Low
Weakness: Business Logic Errors
Bounty: $800.00
CVE-2021-22876: Automatic referer leaks credentials
Reported by: vsz | Disclosed:
Severity: Low
Integer Overflow Risk in HTTP/2 Proxy Window Size Calculations
Reported by: extramayoextracheeseextrafries | Disclosed:
Severity: Medium
Weakness: Integer Overflow
--libcurl code injection via trigraphs
Reported by: nyymi | Disclosed:
Severity: Low
Weakness: Code Injection
Incorrect Parsing of IPv6 Zone ID in curl
Reported by: 9vvert | Disclosed:
Severity: High
Weakness: Authentication Bypass by Primary Weakness
curl --continue-at confusion
Reported by: nyymi | Disclosed:
Severity: Medium
Weakness: Business Logic Errors
CVE-2022-42915: HTTP proxy double-free
Reported by: bagder | Disclosed:
Severity: Medium
Weakness: Double Free
Integer Overflow in schannel.c TLS Data Transmission
Reported by: kakorrhaphiophobia | Disclosed:
Severity: Medium
Weakness: Integer Overflow
Curl_auth_create_plain_message integer overflow leads to heap buffer overflow
Reported by: major_tom | Disclosed:
Severity: Low
Weakness: Incorrect Calculation of Buffer Size
CVEs: CVE-2018-16839
Heap buffer overflow vulnerability in conncache.c: incorrect use of pointer arrays resulting in out-of-bounds memory writes.
Reported by: freak_coding | Disclosed:
Severity: Medium
Weakness: Heap Overflow
Git repository found
Reported by: tefa_ | Disclosed:
Severity: High
Weakness: Information Disclosure
Security check up
Reported by: ejejohn | Disclosed:
Severity: Low
Weakness: Allocation of Resources Without Limits or Throttling
CVE-2021-22946: Protocol downgrade required TLS bypassed
Reported by: monnerat | Disclosed:
Severity: Medium
Weakness: Missing Required Cryptographic Step
CVE-2021-22947: STARTTLS protocol injection via MITM
Reported by: monnerat | Disclosed:
Severity: Medium
Weakness: Cryptographic Issues - Generic
CVE-2022-32207: Unpreserved file permissions
Reported by: nyymi | Disclosed:
Severity: Medium
Weakness: Business Logic Errors
Memory Leak in libcurl via Location Header Handling (CWE-770)
Reported by: darkroomdragon | Disclosed:
Severity: High
Weakness: Allocation of Resources Without Limits or Throttling
Vulnerability Report: Public Exposure of Security Audit File
Reported by: cyph3r_nitro | Disclosed:
Severity: Medium
Weakness: Information Disclosure