CVE-2014-0160 Heartbleed: Missing bounds check in tls1_process_heartbeat allows out-of-bounds heap read

CVE-2020-8177: curl -J + -i symlink/file-overwrite via rename() in tool_header_cb

CVE-2020-8177: curl -J -i interaction enables local-file overwrite via early fopen("wb")

CVE-2020-8177: Curl local file overwrite via symlink with -i and -J flags

CVE-2023-46218: curl cookie domain PSL check absent in Curl_cookie_getlist() — asymmetric validation logic bug

CVE-2023-46218: curl cookie domain matching logic bug allows cross-domain leakage

CVE-2023-46218 curl cookie mixed-case PSL bypass in Curl_cookie_add

CVE-2023-27534: curl SFTP path traversal via loose tilde-expansion check

CVE-2023-27534: curl SFTP path traversal via weak tilde-prefix check in Curl_getworkingpath

CVE-2023-27534: Path Traversal in curl SFTP Tilde Expansion

CVE-2023-27535: curl FTP connection reuse skips FTP_ACCOUNT / ALTERNATIVE_TO_USER / USE_SSL comparisons

CVE-2023-38545: Heap Buffer Overflow in SOCKS5 Hostname Handling

CVE-2023-38545 — curl SOCKS5 heap overflow via state-machine re-entrancy

CVE-2022-23218: Stack buffer overflow in glibc clnt_create() via unchecked strcpy into sun_path[108]

glibc CVE-2022-23218: Stack Buffer Overflow in clnt_create() with UNIX socket paths

CVE-2021-35942: Integer overflow in glibc wordexp() w_addword leads to heap overflow

CVE-2021-35942: Integer Overflow in glibc wordexp() w_addword Function

CVE-2024-2961: glibc iconv ISO-2022-CN-EXT buffer overflow — missing bounds checks in SS2/SS3 escape sequence writes

CVE-2024-2961: Buffer overflow in glibc ISO-2022-CN-EXT converter

CVE-2024-2961: glibc iconv ISO-2022-CN-EXT 4-byte heap buffer overflow