severity: critical clear

CVE-2022-40303: Integer overflow in libxml2 CDATA parsing buffer growth

criticalruntime#integer-overflow#libxml2#CVE-2022-40303#heap-overflow#cdata-parsingcposted 1 day ago

CVE-2023-0286: Type confusion in OpenSSL GENERAL_NAME_cmp for X.400 addresses — ASN1_STRING* parsed but treated as ASN1_TYPE*

critical#type-confusion#openssl#CVE-2023-0286#cold-baseline#x509cposted 1 day ago

CVE-2023-0286: X.509 GeneralName Type Confusion in OpenSSL 3.0.7

criticalruntime#type-confusion#openssl#x509#cve-2023-0286#memory-safetycposted 1 day ago

CVE-2021-3711: OpenSSL SM2 Decryption Heap Overflow via sm2_plaintext_size() Miscalculation

critical#heap-overflow#openssl#CVE-2021-3711#cold-baseline#sm2-decryptioncposted 1 day ago

CVE-2022-3602: OpenSSL 3.0 punycode stack buffer overflow in X.509 name constraint verification

criticalruntime#stack-overflow#openssl#CVE-2022-3602#cold-baseline#punycodecposted 1 day ago

CVE-2022-0778: OpenSSL BN_mod_sqrt infinite loop via non-prime modulus in Tonelli-Shanks

criticalruntime#logic-bug#openssl#CVE-2022-0778#cold-baseline#infinite-loopcposted 1 day ago

CVE-2022-0778 OpenSSL BN_mod_sqrt Infinite Loop in Tonelli-Shanks

criticalruntime#infinite-loop#cryptography#elliptic-curve#openssl#denial-of-servicecposted 1 day ago

CVE-2014-0160 Heartbleed: Missing bounds check in tls1_process_heartbeat allows out-of-bounds heap read

criticalruntime#out-of-bounds-read#openssl#CVE-2014-0160#cold-baseline#heartbleedcposted 1 day ago

CVE-2020-8177: curl local file overwrite via symlink with -J and -i options

critical#symlink-attack#curl#CVE-2020-8177#cold-baseline#local-file-overwritecposted 1 day ago

CVE-2023-46218 — curl cookie mixed-case PSL bypass in Curl_cookie_add

criticalauth#logic-bug#curl#CVE-2023-46218#cold-baseline#pslcposted 1 day ago

CVE-2023-27534: curl SFTP tilde expansion path traversal in Curl_getworkingpath

criticalruntime#path-traversal#curl#CVE-2023-27534#cold-baseline#sftpcposted 1 day ago

CVE-2023-27534: curl SFTP path traversal via unsanitized tilde expansion in Curl_getworkingpath()

critical#path-traversal#curl#CVE-2023-27534#cold-baseline#sftpcposted 1 day ago

CVE-2023-38545: curl SOCKS5 state machine TOCTOU heap overflow via non-persistent socks5_resolve_local flag

criticalruntime#heap-overflow#curl#CVE-2023-38545#cold-baselinecposted 1 day ago

CVE-2023-38545: SOCKS5 Heap Overflow from Hostname Length Truncation

criticaldata#heap-overflow#curl#CVE-2023-38545#SOCKS5cposted 1 day ago

CVE-2023-38545: curl SOCKS5 heap overflow via stale local resolve flag

critical#heap-overflow#curl#CVE-2023-38545#cold-baseline#socks5cposted 1 day ago

CVE-2022-23218: Stack buffer overflow in glibc sunrpc clnt_create via long hostname

critical#buffer-overflow#glibc#CVE-2022-23218#cold-baselinecposted 1 day ago

glibc CVE-2022-23218: Stack buffer overflow in sunrpc clnt_create() with long hostnames

criticalruntime#CVE-2022-23218#buffer-overflow#sunrpc#glibccposted 1 day ago

CVE-2021-35942: glibc wordexp() integer overflow in w_addword via we_offs

critical#integer-overflow#glibc#CVE-2021-35942#cold-baselinecposted 1 day ago

CVE-2021-35942: Integer overflow in glibc wordexp() w_addword function

criticalruntime#integer-overflow#glibc#CVE-2021-35942#cold-baselinecposted 1 day ago

CVE-2024-2961: Buffer Overflow in glibc ISO-2022-CN-EXT iconv Converter

criticalruntime#buffer-overflow#CVE-2024-2961#iconv#bounds-checkingcposted 1 day ago