| # |
S |
W |
C |
Vulnerability |
Published |
First |
Last |
Awarded |
| 164 |
L |
|
C |
CVE-2025-0725: gzip integer overflow |
2025-02-05 |
7.10.5 |
8.11.1 |
505 USD |
| 163 |
L |
|
|
CVE-2025-0665: eventfd double close |
2025-02-05 |
8.11.1 |
8.11.1 |
505 USD |
| 162 |
L |
|
|
CVE-2025-0167: netrc and default credential leak |
2025-02-05 |
7.76.0 |
8.11.1 |
505 USD |
| 161 |
L |
|
|
CVE-2024-11053: netrc and redirect credential leak |
2024-12-11 |
7.76.0 |
8.11.0 |
505 USD |
| 160 |
L |
|
|
CVE-2024-9681: HSTS subdomain overwrites parent cache entry |
2024-11-05 |
7.74.0 |
8.10.1 |
540 USD |
| 159 |
M |
|
|
CVE-2024-8096: OCSP stapling bypass with GnuTLS |
2024-09-11 |
7.41.0 |
8.9.1 |
2540 USD |
| 158 |
L |
|
C |
CVE-2024-7264: ASN.1 date parser overread |
2024-07-31 |
7.32.0 |
8.9.0 |
540 USD |
| 157 |
L |
lib |
C |
CVE-2024-6874: macidn punycode buffer overread |
2024-07-24 |
8.8.0 |
8.8.0 |
540 USD |
| 156 |
M |
|
C |
CVE-2024-6197: freeing stack buffer in utf8asn1str |
2024-07-24 |
8.6.0 |
8.8.0 |
2540 USD |
| 155 |
M |
|
|
CVE-2024-2466: TLS certificate check bypass with mbedTLS |
2024-03-27 |
8.5.0 |
8.6.0 |
2540 USD |
| 154 |
M |
lib |
|
CVE-2024-2398: HTTP/2 push headers memory-leak |
2024-03-27 |
7.44.0 |
8.6.0 |
2540 USD |
| 153 |
L |
|
|
CVE-2024-2379: QUIC certificate check bypass with wolfSSL |
2024-03-27 |
8.6.0 |
8.6.0 |
540 USD |
| 152 |
L |
|
|
CVE-2024-2004: Usage of disabled protocol |
2024-03-27 |
7.85.0 |
8.6.0 |
540 USD |
| 151 |
L |
|
|
CVE-2024-0853: OCSP verification bypass with TLS session reuse |
2024-01-31 |
8.5.0 |
8.5.0 |
540 USD |
| 150 |
L |
|
|
CVE-2023-46219: HSTS long filename clears contents |
2023-12-06 |
7.84.0 |
8.4.0 |
540 USD |
| 149 |
M |
|
|
CVE-2023-46218: cookie mixed case PSL bypass |
2023-12-06 |
7.46.0 |
8.4.0 |
2540 USD |
| 148 |
L |
lib |
|
CVE-2023-38546: cookie injection with none file |
2023-10-11 |
7.9.1 |
8.3.0 |
540 USD |
| 147 |
H |
|
C |
CVE-2023-38545: SOCKS5 heap buffer overflow |
2023-10-11 |
7.69.0 |
8.3.0 |
4660 USD |
| 146 |
M |
|
|
CVE-2023-38039: HTTP headers eat all memory |
2023-09-13 |
7.84.0 |
8.2.1 |
2540 USD |
| 145 |
L |
lib |
|
CVE-2023-28322: more POST-after-PUT confusion |
2023-05-17 |
7.7 |
8.0.1 |
480 USD |
| 144 |
L |
|
|
CVE-2023-28321: IDN wildcard match |
2023-05-17 |
7.12.0 |
8.0.1 |
480 USD |
| 143 |
L |
lib |
|
CVE-2023-28320: siglongjmp race condition |
2023-05-17 |
7.9.8 |
8.0.1 |
480 USD |
| 142 |
M |
|
C |
CVE-2023-28319: UAF in SSH sha256 fingerprint check |
2023-05-17 |
7.81.0 |
8.0.1 |
2400 USD |
| 141 |
L |
|
|
CVE-2023-27538: SSH connection too eager reuse still |
2023-03-20 |
7.16.1 |
7.88.1 |
480 USD |
| 140 |
L |
lib |
C |
CVE-2023-27537: HSTS double free |
2023-03-20 |
7.88.0 |
7.88.1 |
480 USD |
| 139 |
L |
lib |
|
CVE-2023-27536: GSS delegation too eager connection re-use |
2023-03-20 |
7.22.0 |
7.88.1 |
480 USD |
| 138 |
M |
|
|
CVE-2023-27535: FTP too eager connection reuse |
2023-03-20 |
7.13.0 |
7.88.1 |
2400 USD |
| 137 |
L |
|
|
CVE-2023-27534: SFTP path ~ resolving discrepancy |
2023-03-20 |
7.18.0 |
7.88.1 |
480 USD |
| 136 |
L |
|
|
CVE-2023-27533: TELNET option IAC injection |
2023-03-20 |
7.7 |
7.88.1 |
480 USD |
| 135 |
M |
|
|
CVE-2023-23916: HTTP multi-header compression denial of service |
2023-02-15 |
7.57.0 |
7.87.0 |
2400 USD |
| 134 |
L |
|
|
CVE-2023-23915: HSTS amnesia with --parallel |
2023-02-15 |
7.77.0 |
7.87.0 |
480 USD |
| 133 |
L |
|
|
CVE-2023-23914: HSTS ignored on multiple requests |
2023-02-15 |
7.77.0 |
7.87.0 |
480 USD |
| 132 |
L |
|
C |
CVE-2022-43552: HTTP Proxy deny use after free |
2022-12-21 |
7.16.0 |
7.86.0 |
|
| 131 |
M |
|
|
CVE-2022-43551: Another HSTS bypass via IDN |
2022-12-21 |
7.77.0 |
7.86.0 |
2400 USD |
| 130 |
M |
|
|
CVE-2022-42916: HSTS bypass via IDN |
2022-10-26 |
7.77.0 |
7.85.0 |
2400 USD |
| 129 |
M |
|
C |
CVE-2022-42915: HTTP proxy double free |
2022-10-26 |
7.77.0 |
7.85.0 |
|
| 128 |
L |
|
C |
CVE-2022-35260: .netrc parser out-of-bounds access |
2022-10-26 |
7.84.0 |
7.85.0 |
480 USD |
| 127 |
M |
lib |
|
CVE-2022-32221: POST following PUT confusion |
2022-10-26 |
7.7 |
7.85.0 |
2400 USD |
| 126 |
L |
|
|
CVE-2022-35252: control code in cookie denial of service |
2022-08-31 |
4.9 |
7.84.0 |
480 USD |
| 125 |
L |
|
|
CVE-2022-32208: FTP-KRB bad message verification |
2022-06-27 |
7.16.4 |
7.83.1 |
480 USD |
| 124 |
M |
|
|
CVE-2022-32207: Non-preserved file permissions |
2022-06-27 |
7.69.0 |
7.83.1 |
2400 USD |
| 123 |
M |
|
|
CVE-2022-32206: HTTP compression denial of service |
2022-06-27 |
7.57.0 |
7.83.1 |
2400 USD |
| 122 |
L |
|
|
CVE-2022-32205: Set-Cookie denial of service |
2022-06-27 |
7.71.0 |
7.83.1 |
480 USD |
| 121 |
M |
|
|
CVE-2022-30115: HSTS bypass via trailing dot |
2022-05-11 |
7.82.0 |
7.83.0 |
2400 USD |
| 120 |
M |
|
|
CVE-2022-27782: TLS and SSH connection too eager reuse |
2022-05-11 |
7.16.1 |
7.83.0 |
2400 USD |
| 119 |
L |
lib |
|
CVE-2022-27781: CERTINFO never-ending busy-loop |
2022-05-11 |
7.34.0 |
7.83.0 |
|
| 118 |
M |
|
|
CVE-2022-27780: percent-encoded path separator in URL host |
2022-05-11 |
7.80.0 |
7.83.0 |
2400 USD |
| 117 |
M |
|
|
CVE-2022-27779: cookie for trailing dot TLD |
2022-05-11 |
7.82.0 |
7.83.0 |
2400 USD |
| 116 |
M |
tool |
|
CVE-2022-27778: curl removes wrong file on error |
2022-05-11 |
7.83.0 |
7.83.0 |
2400 USD |
| 115 |
L |
|
|
CVE-2022-27776: Auth/cookie leak on redirect |
2022-04-27 |
4.9 |
7.82.0 |
480 USD |
| 114 |
L |
|
|
CVE-2022-27775: Bad local IPv6 connection reuse |
2022-04-27 |
7.65.0 |
7.82.0 |
480 USD |
| 113 |
M |
|
|
CVE-2022-27774: Credential leak on redirect |
2022-04-27 |
4.9 |
7.82.0 |
2400 USD |
| 112 |
M |
|
|
CVE-2022-22576: OAUTH2 bearer bypass in connection re-use |
2022-04-27 |
7.33.0 |
7.82.0 |
2400 USD |
| 111 |
M |
|
|
CVE-2021-22947: STARTTLS protocol injection via MITM |
2021-09-15 |
7.20.0 |
7.78.0 |
1500 USD |
| 110 |
M |
|
|
CVE-2021-22946: Protocol downgrade required TLS bypassed |
2021-09-15 |
7.20.0 |
7.78.0 |
1000 USD |
| 109 |
M |
|
C |
CVE-2021-22945: UAF and double free in MQTT sending |
2021-09-15 |
7.73.0 |
7.78.0 |
1000 USD |
| 108 |
M |
|
|
CVE-2021-22926: CURLOPT_SSLCERT mix-up with Secure Transport |
2021-07-21 |
7.33.0 |
7.77.0 |
1000 USD |
| 107 |
M |
|
C |
CVE-2021-22925: TELNET stack contents disclosure again |
2021-07-21 |
7.7 |
7.77.0 |
800 USD |
| 106 |
M |
|
|
CVE-2021-22924: Bad connection reuse due to flawed path name checks |
2021-07-21 |
7.10.4 |
7.77.0 |
1200 USD |
| 105 |
M |
tool |
|
CVE-2021-22923: Metalink download sends credentials |
2021-07-21 |
7.27.0 |
7.77.0 |
700 USD |
| 104 |
M |
tool |
|
CVE-2021-22922: Wrong content via Metalink not discarded |
2021-07-21 |
7.27.0 |
7.77.0 |
700 USD |
| 103 |
H |
|
C |
CVE-2021-22901: TLS session caching disaster |
2021-05-26 |
7.75.0 |
7.76.1 |
2000 USD |
| 102 |
M |
|
C |
CVE-2021-22898: TELNET stack contents disclosure |
2021-05-26 |
7.7 |
7.76.1 |
1000 USD |
| 101 |
L |
|
|
CVE-2021-22897: Schannel cipher selection surprise |
2021-05-26 |
7.61.0 |
7.76.1 |
800 USD |
| 100 |
L |
|
|
CVE-2021-22890: TLS 1.3 session ticket proxy host mix-up |
2021-03-31 |
7.63.0 |
7.75.0 |
|
| 99 |
L |
|
|
CVE-2021-22876: Automatic referer leaks credentials |
2021-03-31 |
7.1.1 |
7.75.0 |
800 USD |
| 98 |
M |
|
|
CVE-2020-8286: Inferior OCSP verification |
2020-12-09 |
7.41.0 |
7.73.0 |
900 USD |
| 97 |
M |
lib |
|
CVE-2020-8285: FTP wildcard stack overflow |
2020-12-09 |
7.21.0 |
7.73.0 |
|
| 96 |
L |
|
|
CVE-2020-8284: trusting FTP PASV responses |
2020-12-09 |
4.0 |
7.73.0 |
700 USD |
| 95 |
L |
lib |
|
CVE-2020-8231: wrong connect-only connection |
2020-08-19 |
7.29.0 |
7.71.1 |
500 USD |
| 94 |
M |
tool |
|
CVE-2020-8177: curl overwrite local file with -J |
2020-06-24 |
7.20.0 |
7.70.0 |
700 USD |
| 93 |
M |
|
|
CVE-2020-8169: Partial password leak over DNS on HTTP redirect |
2020-06-24 |
7.62.0 |
7.70.0 |
400 USD |
| 92 |
M |
|
C |
CVE-2019-5481: FTP-KRB double free |
2019-09-11 |
7.52.0 |
7.65.3 |
200 USD |
| 91 |
M |
lib |
C |
CVE-2019-5482: TFTP small blocksize heap buffer overflow |
2019-09-11 |
7.19.4 |
7.65.3 |
250 USD |
| 90 |
H |
|
|
CVE-2019-5443: Windows OpenSSL engine code injection |
2019-06-24 |
7.44.0 |
7.65.1 |
200 USD |
| 89 |
L |
|
C |
CVE-2019-5436: TFTP receive buffer overflow |
2019-05-22 |
7.19.4 |
7.64.1 |
200 USD |
| 88 |
L |
|
C |
CVE-2019-5435: Integer overflows in URL parser |
2019-05-22 |
7.62.0 |
7.64.1 |
150 USD |
| 87 |
M |
|
C |
CVE-2018-16890: NTLM type-2 out-of-bounds buffer read |
2019-02-06 |
7.36.0 |
7.63.0 |
|
| 86 |
H |
|
C |
CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow |
2019-02-06 |
7.36.0 |
7.63.0 |
|
| 85 |
L |
|
C |
CVE-2019-3823: SMTP end-of-response out-of-bounds read |
2019-02-06 |
7.34.0 |
7.63.0 |
|
| 84 |
L |
tool |
C |
CVE-2018-16842: warning message out-of-buffer read |
2018-10-31 |
7.14.1 |
7.61.1 |
100 USD |
| 83 |
L |
|
C |
CVE-2018-16840: use after free in handle close |
2018-10-31 |
7.59.0 |
7.61.1 |
100 USD |
| 82 |
L |
|
C |
CVE-2018-16839: SASL password overflow via integer overflow |
2018-10-31 |
7.33.0 |
7.61.1 |
|
| 81 |
H |
|
C |
CVE-2018-14618: NTLM password overflow via integer overflow |
2018-09-05 |
7.15.4 |
7.61.0 |
|
| 80 |
H |
|
C |
CVE-2018-0500: SMTP send heap buffer overflow |
2018-07-11 |
7.54.1 |
7.60.0 |
|
| 79 |
H |
|
C |
CVE-2018-1000300: FTP shutdown response buffer overflow |
2018-05-16 |
7.54.1 |
7.59.0 |
|
| 78 |
M |
|
C |
CVE-2018-1000301: RTSP bad headers buffer over-read |
2018-05-16 |
7.20.0 |
7.59.0 |
|
| 77 |
M |
|
C |
CVE-2018-1000122: RTSP RTP buffer over-read |
2018-03-14 |
7.20.0 |
7.58.0 |
|
| 76 |
L |
|
C |
CVE-2018-1000121: LDAP NULL pointer dereference |
2018-03-14 |
7.21.0 |
7.58.0 |
|
| 75 |
H |
|
C |
CVE-2018-1000120: FTP path trickery leads to NIL byte out of bounds write |
2018-03-14 |
7.12.3 |
7.58.0 |
|
| 74 |
L |
|
|
CVE-2018-1000007: HTTP authentication leak in redirects |
2018-01-24 |
6.0 |
7.57.0 |
|
| 73 |
L |
|
C |
CVE-2018-1000005: HTTP/2 trailer out-of-bounds read |
2018-01-24 |
7.49.0 |
7.57.0 |
|
| 72 |
H |
|
C |
CVE-2017-8818: SSL out of buffer access |
2017-11-29 |
7.56.0 |
7.56.1 |
|
| 71 |
M |
lib |
C |
CVE-2017-8817: FTP wildcard out of bounds read |
2017-11-29 |
7.21.0 |
7.56.1 |
|
| 70 |
M |
|
C |
CVE-2017-8816: NTLM buffer overflow via integer overflow |
2017-11-29 |
7.36.0 |
7.56.1 |
|
| 69 |
M |
|
C |
CVE-2017-1000257: IMAP FETCH response out of bounds read |
2017-10-12 |
7.20.0 |
7.56.0 |
|
| 68 |
M |
|
C |
CVE-2017-1000254: FTP PWD response parser out of bounds read |
2017-10-04 |
7.7 |
7.55.1 |
|
| 67 |
M |
tool |
C |
CVE-2017-1000101: URL globbing out of bounds read |
2017-08-09 |
7.34.0 |
7.54.1 |
|
| 66 |
H |
|
C |
CVE-2017-1000100: TFTP sends more than buffer size |
2017-08-09 |
7.15.0 |
7.54.1 |
|
| 65 |
M |
|
C |
CVE-2017-1000099: FILE buffer read out of bounds |
2017-08-09 |
7.54.1 |
7.54.1 |
|
| 64 |
H |
|
C |
CVE-2017-9502: URL file scheme drive letter buffer overflow |
2017-06-14 |
7.53.0 |
7.54.0 |
|
| 63 |
H |
|
|
CVE-2017-7468: TLS session resumption client cert bypass (again) |
2017-04-19 |
7.52.0 |
7.53.1 |
|
| 62 |
M |
tool |
C |
CVE-2017-7407: --write-out out of buffer read |
2017-04-03 |
6.5 |
7.53.1 |
|
| 61 |
M |
|
|
CVE-2017-2629: SSL_VERIFYSTATUS ignored |
2017-02-22 |
7.52.0 |
7.52.1 |
|
| 60 |
H |
|
|
CVE-2016-9594: uninitialized random |
2016-12-23 |
7.52.0 |
7.52.0 |
|
| 59 |
M |
lib |
C |
CVE-2016-9586: printf floating point buffer overflow |
2016-12-21 |
5.4 |
7.51.0 |
|
| 58 |
M |
|
|
CVE-2016-9952: Win CE Schannel cert wildcard matches too much |
2016-12-21 |
7.27.0 |
7.51.0 |
|
| 57 |
M |
|
C |
CVE-2016-9953: Win CE Schannel cert name out of buffer read |
2016-12-21 |
7.27.0 |
7.51.0 |
|
| 56 |
H |
|
|
CVE-2016-8615: cookie injection for other servers |
2016-11-02 |
4.9 |
7.50.3 |
|
| 55 |
M |
|
|
CVE-2016-8616: case insensitive password comparison |
2016-11-02 |
7.7 |
7.50.3 |
|
| 54 |
M |
|
C |
CVE-2016-8617: OOB write via unchecked multiplication |
2016-11-02 |
7.8.1 |
7.50.3 |
|
| 53 |
M |
lib |
C |
CVE-2016-8618: double free in curl_maprintf |
2016-11-02 |
5.4 |
7.50.3 |
|
| 52 |
H |
|
C |
CVE-2016-8619: double free in krb5 code |
2016-11-02 |
7.3 |
7.50.3 |
|
| 51 |
M |
tool |
C |
CVE-2016-8620: glob parser write/read out of bounds |
2016-11-02 |
7.34.0 |
7.50.3 |
|
| 50 |
M |
|
C |
CVE-2016-8621: curl_getdate read out of bounds |
2016-11-02 |
7.12.2 |
7.50.3 |
|
| 49 |
M |
|
C |
CVE-2016-8622: URL unescape heap overflow via integer truncation |
2016-11-02 |
7.24.0 |
7.50.3 |
|
| 48 |
H |
lib |
C |
CVE-2016-8623: Use after free via shared cookies |
2016-11-02 |
7.10.7 |
7.50.3 |
|
| 47 |
M |
|
|
CVE-2016-8624: invalid URL parsing with '#' |
2016-11-02 |
6.0 |
7.50.3 |
|
| 46 |
H |
|
|
CVE-2016-8625: IDNA 2003 makes curl use wrong host |
2016-11-02 |
7.12.0 |
7.50.3 |
|
| 45 |
M |
lib |
C |
CVE-2016-7167: curl escape and unescape integer overflows |
2016-09-14 |
7.11.1 |
7.50.2 |
|
| 44 |
H |
|
|
CVE-2016-7141: Incorrect reuse of client certificates |
2016-09-07 |
7.19.6 |
7.50.1 |
|
| 43 |
H |
|
|
CVE-2016-5419: TLS session resumption client cert bypass |
2016-08-03 |
5.0 |
7.50.0 |
|
| 42 |
M |
|
|
CVE-2016-5420: Re-using connections with wrong client cert |
2016-08-03 |
7.7 |
7.50.0 |
|
| 41 |
H |
lib |
C |
CVE-2016-5421: use of connection struct after free |
2016-08-03 |
7.32.0 |
7.50.0 |
|
| 40 |
H |
|
|
CVE-2016-4802: Windows DLL hijacking |
2016-05-30 |
7.11.1 |
7.49.0 |
|
| 39 |
H |
|
|
CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL |
2016-05-18 |
7.21.0 |
7.48.0 |
|
| 38 |
H |
tool |
|
CVE-2016-0754: remote filename path traversal in curl tool for Windows |
2016-01-27 |
4.0 |
7.46.0 |
|
| 37 |
M |
|
|
CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use |
2016-01-27 |
7.10.7 |
7.46.0 |
|
| 36 |
H |
|
C |
CVE-2015-3237: SMB send off unrelated memory contents |
2015-06-17 |
7.40.0 |
7.42.1 |
|
| 35 |
H |
|
|
CVE-2015-3236: lingering HTTP credentials in connection re-use |
2015-06-17 |
7.40.0 |
7.42.1 |
|
| 34 |
H |
|
|
CVE-2015-3153: sensitive HTTP server headers also sent to proxies |
2015-04-29 |
4.0 |
7.42.0 |
|
| 33 |
M |
|
C |
CVE-2015-3144: hostname out of boundary memory access |
2015-04-22 |
7.37.0 |
7.41.0 |
|
| 32 |
M |
|
C |
CVE-2015-3145: cookie parser out of boundary memory access |
2015-04-22 |
7.31.0 |
7.41.0 |
|
| 31 |
M |
|
|
CVE-2015-3148: Negotiate not treated as connection-oriented |
2015-04-22 |
7.10.6 |
7.41.0 |
|
| 30 |
M |
|
|
CVE-2015-3143: Re-using authenticated connection when unauthenticated |
2015-04-22 |
7.10.6 |
7.41.0 |
|
| 29 |
M |
|
|
CVE-2014-8151: Secure Transport certificate check bypass |
2015-01-08 |
7.31.0 |
7.39.0 |
|
| 28 |
H |
|
|
CVE-2014-8150: URL request injection |
2015-01-08 |
6.0 |
7.39.0 |
|
| 27 |
M |
lib |
C |
CVE-2014-3707: duphandle read out of bounds |
2014-11-05 |
7.17.1 |
7.38.0 |
|
| 26 |
H |
|
|
CVE-2014-3620: cookie leak for TLDs |
2014-09-10 |
7.31.0 |
7.37.1 |
|
| 25 |
M |
|
|
CVE-2014-3613: cookie leak with IP address as domain |
2014-09-10 |
4.0 |
7.37.1 |
|
| 24 |
M |
|
|
CVE-2014-2522: not verifying certs for TLS to IP address / Schannel |
2014-03-26 |
7.27.0 |
7.35.0 |
|
| 23 |
M |
|
|
CVE-2014-1263: not verifying certs for TLS to IP address / Secure Transport |
2014-03-26 |
7.27.0 |
7.35.0 |
|
| 22 |
M |
|
|
CVE-2014-0139: IP address wildcard certificate validation |
2014-03-26 |
7.10.3 |
7.35.0 |
|
| 21 |
M |
|
|
CVE-2014-0138: wrong re-use of connections |
2014-03-26 |
7.10.6 |
7.35.0 |
|
| 20 |
M |
|
|
CVE-2014-0015: re-use of wrong HTTP NTLM connection |
2014-01-29 |
7.10.6 |
7.34.0 |
|
| 19 |
M |
lib |
|
CVE-2013-6422: cert name check ignore with GnuTLS |
2013-12-17 |
7.21.4 |
7.33.0 |
|
| 18 |
M |
lib |
|
CVE-2013-4545: cert name check ignore OpenSSL |
2013-11-15 |
7.18.0 |
7.32.0 |
|
| 17 |
H |
lib |
C |
CVE-2013-2174: URL decode buffer boundary flaw |
2013-06-22 |
7.7 |
7.30.0 |
|
| 16 |
H |
|
|
CVE-2013-1944: cookie domain tailmatch |
2013-04-12 |
4.7 |
7.29.0 |
|
| 15 |
C |
|
C |
CVE-2013-0249: SASL buffer overflow |
2013-02-06 |
7.26.0 |
7.28.1 |
|
| 14 |
H |
|
|
CVE-2011-3389: SSL CBC IV vulnerability |
2012-01-24 |
7.10.6 |
7.23.1 |
|
| 13 |
H |
|
|
CVE-2012-0036: URL sanitization vulnerability |
2012-01-24 |
7.20.0 |
7.23.1 |
|
| 12 |
M |
|
|
CVE-2011-2192: inappropriate GSSAPI delegation |
2011-06-23 |
7.10.6 |
7.21.6 |
|
| 11 |
H |
tool |
|
CVE-2010-3842: local file overwrite |
2010-10-13 |
7.20.0 |
7.21.1 |
|
| 10 |
H |
lib |
|
CVE-2010-0734: data callback excessive length |
2010-02-09 |
7.10.5 |
7.19.7 |
|
| 9 |
H |
|
C |
CVE-2009-2417: embedded zero in cert name |
2009-08-12 |
7.4 |
7.19.5 |
|
| 8 |
M |
|
|
CVE-2009-0037: Arbitrary File Access |
2009-03-03 |
5.11 |
7.19.3 |
|
| 7 |
L |
|
|
CVE-2007-3564: GnuTLS insufficient cert verification |
2007-07-10 |
7.14.0 |
7.16.3 |
|
| 6 |
H |
|
C |
CVE-2006-1061: TFTP Packet Buffer Overflow |
2006-03-20 |
7.15.0 |
7.15.2 |
|
| 5 |
H |
|
C |
CVE-2005-4077: URL Buffer Overflow |
2005-12-07 |
7.11.2 |
7.15.0 |
|
| 4 |
H |
|
C |
CVE-2005-3185: NTLM Buffer Overflow |
2005-10-13 |
7.10.6 |
7.14.1 |
|
| 3 |
H |
|
C |
CVE-2005-0490: Authentication Buffer Overflows |
2005-02-21 |
7.3 |
7.13.0 |
|
| 2 |
H |
|
|
CVE-2003-1605: Proxy Authentication Header Information Leakage |
2003-08-03 |
4.5 |
7.10.6 |
|
| 1 |
C |
|
C |
CVE-2000-0973: FTP Server Response Buffer Overflow |
2000-10-13 |
6.0 |
7.4 |
|