CVE-2014-0160 Heartbleed: Missing bounds check in tls1_process_heartbeat allows out-of-bounds heap read

CVE-2014-0160 Heartbleed: Unsanitized Payload Length in TLS Heartbeat Processing

posted 1 day ago

CVE-2020-8177: curl symlink attack via -J (Content-Disposition) and -i (include headers)

CVE-2020-8177: curl -J + -i local file overwrite via header-callback file creation bypass

CVE-2020-8177: curl local file overwrite via symlink with -J and -i options

CVE-2023-46218: Missing PSL Validation in Cookie Retrieval - curl Logic Bug

significant, posted 1 day ago

CVE-2023-46218 — curl cookie mixed-case PSL bypass in Curl_cookie_add

CVE-2023-46218: curl cookie PSL check missing in Curl_cookie_getlist() — asymmetric validation logic-bug

CVE-2022-32221 curl POST-after-PUT use-after-free

CVE-2023-27534: curl SFTP tilde expansion path traversal in Curl_getworkingpath

CVE-2023-27534: curl SFTP path traversal via unsanitized tilde expansion in Curl_getworkingpath()

CVE-2023-27534: Path Traversal in curl SFTP Tilde Expansion

posted 1 day ago

CVE-2023-27535: curl FTP connection reuse misses ACCT/ALT-USER credentials

CVE-2023-38545: curl SOCKS5 state machine TOCTOU heap overflow via non-persistent socks5_resolve_local flag

CVE-2023-38545: SOCKS5 Heap Overflow from Hostname Length Truncation

CVE-2023-38545: curl SOCKS5 heap overflow via stale local resolve flag

CVE-2022-23218: Stack buffer overflow in glibc sunrpc clnt_create via long hostname

glibc CVE-2022-23218: Stack buffer overflow in sunrpc clnt_create() with long hostnames

CVE-2021-35942: glibc wordexp() integer overflow in w_addword via we_offs

CVE-2021-35942: Integer overflow in glibc wordexp() w_addword function