curl - HackerOne Reports
Total Reports: 247
Critical: 13
High: 47
Medium: 82
Low: 64
CVE-2024-6874: macidn punycode buffer overread
Reported by: z2_ | Disclosed:
Severity: Low
Weakness: Buffer Over-read
curl on Windows can be forced to execute code via OpenSSL environment variables
Reported by: supersausage | Disclosed:
Severity: High
Weakness: Privilege Escalation
CVE-2021-22922: Wrong content via metalink not discarded
Reported by: nyymi | Disclosed:
Severity: Medium
Weakness: Business Logic Errors
Bounty: $700.00
CVE-2021-22923: Metalink download sends credentials
Reported by: nyymi | Disclosed:
Severity: Medium
Weakness: Cleartext Transmission of Sensitive Information
Bounty: $700.00
Data race conditions reported by helgrind when performing parallel DNS queries in libcurl
Reported by: brumbrum | Disclosed:
Severity: Medium
Weakness: Information Disclosure
OS Command Injection in scripts/firefox-db2pem.sh via untrusted certificate nicknames
Reported by: behindtheblackwall | Disclosed:
Severity: High
Weakness: OS Command Injection
Cookie injection from non-secure context
Reported by: nyymi | Disclosed:
Severity: High
Weakness: Session Fixation
Buffer write overflow when forming dns over http request
Reported by: pauldreik | Disclosed:
Severity: Low
Weakness: Classic Buffer Overflow
Resource leak when using a normal site as DOH server
Reported by: pauldreik | Disclosed:
Parallel upload hangs curl if upload file not found
Reported by: brumbrum | Disclosed:
Weakness: Uncontrolled Resource Consumption
CVE-2023-27534: SFTP path ~ resolving discrepancy
Reported by: nyymi | Disclosed:
Severity: Low
Weakness: Path Traversal
CVE-2023-27535: FTP too eager connection reuse
Reported by: nyymi | Disclosed:
Severity: Medium
Weakness: Authentication Bypass by Primary Weakness
bypass of this Fixed #2437131 [ Inadequate Protocol Restriction Enforcement in curl ]
Reported by: hackeriron1 | Disclosed:
Severity: Low
Weakness: Cleartext Transmission of Sensitive Information
Disk Space Exhaustion leading to a Denial of Service (DoS)
Reported by: tryhackplanet | Disclosed:
Severity: Medium
Weakness: LLM04: Model Denial of Service
Uncontrolled File Write/Arbitrary File Creation
Reported by: tryhackplanet | Disclosed:
Severity: High
Weakness: Code Injection
CVE-2024-11053: netrc + redirect credential leak
Reported by: nyymi | Disclosed:
Severity: Low
Weakness: Information Disclosure
Exploitable Format String Vulnerability in curl_mfprintf Function
Reported by: reterix | Disclosed:
Severity: High
Weakness: Use of Externally-Controlled Format String
CVE-2025-0725: gzip integer overflow
Reported by: z2_ | Disclosed:
Severity: Low
Weakness: Integer Overflow to Buffer Overflow
CVE-2021-22898: TELNET stack contents disclosure
Reported by: nyymi | Disclosed:
Severity: Medium
Weakness: Information Disclosure
Bounty: $1000.00
Vulnerability Report: Public Exposure of Security Audit File
Reported by: cyph3r_nitro | Disclosed:
Severity: Medium
Weakness: Information Disclosure