curl - HackerOne Reports
Total Reports: 247
Critical: 13
High: 47
Medium: 82
Low: 64

Buffer Overflow in curl's Rustls Backend
Reported by: cyberguardianrd | Disclosed:
Weakness: Integer Overflow

on the implications of permitting procedural culling
Reported by: lyb_unaffiliated | Disclosed:
Severity: Low
Weakness: Use of Insufficiently Random Values

CVE-2021-22901: TLS session caching disaster
Reported by: nyymi | Disclosed:
Severity: High
Weakness: Use After Free
Bounty: $2000.00

huge COLUMNS causes progress-bar to buffer overflow
Reported by: pendrek | Disclosed:
Severity: Low
Weakness: Classic Buffer Overflow

libssh backend CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 validation bypass
Reported by: nyymi | Disclosed:
Severity: Low
Weakness: Business Logic Errors

Division by zero if terminal width is 2
Reported by: danielmarjamaki | Disclosed:
Weakness: Improper Input Validation

CVE-2021-22945: UAF and double-free in MQTT sending
Reported by: z2_ | Disclosed:
Severity: Medium
Weakness: Double Free

CRLF injection in libcurl's SMTP client via --mail-from and --mail-rcpt allows SMTP command smuggling
Reported by: skrcprst | Disclosed:
Severity: Medium
Weakness: CRLF Injection

[Critical] Curl CVE-2023-38545 vulnerability code changes are disclosed on the internet
Reported by: shelldoit | Disclosed:
Severity: Critical
Weakness: Information Disclosure
CVEs: CVE-2023-38545

curl leaks destination IP via glibc getaddrinfo() UDP connect, bypassing SOCKS5/Tor
Reported by: robert_min1 | Disclosed:
Weakness: Information Disclosure

Curl parse_connect_to_string Heap-Overread Leading to Denial of Service via CURLOPT_CONNECT_TO
Reported by: irene1hacker | Disclosed:
Severity: Medium
Weakness: Buffer Over-read

Race condition with CURL_LOCK_DATA_CONNECT can cause connections to be used at the same time
Reported by: creid | Disclosed:
Severity: Low
Weakness: Use After Free

Binary output bypass
Reported by: eliasknudsen | Disclosed:
Severity: Low
Weakness: Classic Buffer Overflow

CVE-2020-8231: Connect-only connections can use the wrong connection
Reported by: m42a | Disclosed:
Severity: Low
Weakness: Information Disclosure

CVE-2023-23916: HTTP multi-header compression denial of service
Reported by: monnerat | Disclosed:
Severity: Medium
Weakness: Allocation of Resources Without Limits or Throttling

Buffer overflow in strcpy
Reported by: rootgh0st | Disclosed:
Severity: Critical
Weakness: Buffer Underflow

CVE-2021-22925: TELNET stack contents disclosure again
Reported by: thoger | Disclosed:
Severity: Low
Weakness: Information Disclosure
CVEs: CVE-2021-22898

Missing Security Headers
Reported by: balajidev | Disclosed:
Severity: Medium

Port and service scanning on localhost due to improper URL validation.
Reported by: vshmuk | Disclosed:
Severity: Medium
Weakness: Information Disclosure

Vulnerability Report: Public Exposure of Security Audit File
Reported by: cyph3r_nitro | Disclosed:
Severity: Medium
Weakness: Information Disclosure