Skip to main content

Services Tools Bundle

2 CVEs product

Monthly

CVE-2019-1559 MEDIUM PATCH This Month

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

OpenSSL Information Disclosure Oracle Ubuntu Linux Debian Linux +79
NVD
CVSS 3.1
5.9
EPSS
17.1%
CVE-2019-3822 CRITICAL POC PATCH THREAT Act Now

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow Libcurl Ubuntu Linux Debian Linux +13
NVD
CVSS 3.1
9.8
EPSS
12.8%
EPSS 17% CVSS 5.9
MEDIUM PATCH This Month

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

OpenSSL Information Disclosure Oracle +81
NVD
EPSS 13% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow Libcurl +15
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy