CVE-2023-38545: This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow…

CVE-2023-38545 [CRITICAL] curl_cffi bundles a version of libcurl affected by High Severity vulnerability curl_cffi bundles a version of libcurl affected by High Severity vulnerability ### Summary curl_cffi is potentially affected by High Severity vulnerability (CVE-2023-38545) in libcurl=8.5`, which is not affected by this issue.

CVE-2023-38545 [CRITICAL] CWE-1395 curl_cffi bundles a version of libcurl affected by High Severity vulnerability curl_cffi bundles a version of libcurl affected by High Severity vulnerability ### Summary curl_cffi is potentially affected by High Severity vulnerability (CVE-2023-38545) in libcurl=8.5`, which is not affected by this issue.

CVE-2023-38545 [CRITICAL] CVE-2023-38545: This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host resolve the name" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to operate

CVE-2023-38545 [CRITICAL] CVE-2023-38545: This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host resolve the name" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to opera

CVE-2023-38545 [CRITICAL] CWE-787 GHSA-7xw9-w465-6x42: This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host resolve the name" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to opera

CVE-2023-38545 [CRITICAL] curl vulnerabilities curl vulnerabilities USN-6429-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-38545) It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections. (CVE-2023-38546)

CVE-2023-38545 [CRITICAL] curl vulnerabilities curl vulnerabilities Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-38545) It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections. (CVE-2023-38546)

[CRITICAL] Siemens Desigo CC Product Family and SENTRON Powermanager ICS Advisory ## Siemens Desigo CC Product Family and SENTRON Powermanager Release DateFebruary 12, 2026 Alert CodeICSA-26-043-04 Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems View CSAF ## Summary Versions V6.0 through V8 QU1 of the Desigo CC product family (Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS), as well as the Desigo CC-based SENTRON Powermanager, are affected by a vulnerability in the underlying third-party component WIBU Systems CodeMeter Runtime. Successful exploitation of this vulnerability could lead to code execution in the context of the current process. Siemens has released instructions how to update the CodeMeter Runtime component and recommends to apply the update on affected systems.

Siemens SIMATIC S7-1500 CPU Family ICS Advisory ## Siemens SIMATIC S7-1500 CPU Family Release DateJune 12, 2025 Alert CodeICSA-25-162-05 Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF ## 1. EXECUTIVE SUMMARY - CVSS v4 8.7 - ATTENTION: Exploitable remotely/low attack complexity - Vendor: Siemens - Equipment: SIMATIC S7-1500 CPU family - Vulnerabilities: Missing Encryption of Sensitive Data, Out-of-bounds Read, Use After Free, Stack-

CVE-2023-38545 [CRITICAL] Oracle Oracle Analytics Risk Matrix: Analytics Server (curl) — CVE-2023-38545 Oracle Oracle Analytics Risk Matrix: Analytics Server (curl) vulnerability CVE: CVE-2023-38545 CVSS: 9.8 Protocol: SOCKS5 Remote exploit: Yes Affected versions: Network Advisory: cpuoct2024 (OCT 2024)

Siemens SIMATIC RTLS Locating Manager ICS Advisory ## Siemens SIMATIC RTLS Locating Manager Release DateMay 16, 2024 Alert CodeICSA-24-137-07 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF ## 1. EXECUTIVE SUMMARY - CVSS v4 10.0 - ATTENTION: Exploitable remotely/low attack complexity - Vendor: Siemens - Equipment: SIMATIC RTLS Locating Manager - Vulnerabilities: Improper Input Validation, Improper Check for Unusual or Exceptional Conditions, Uncontrolled Resource Consumption, Excessive Iteration, Allocation of Resources Wi

CVE-2023-38545 [CRITICAL] Oracle Oracle PeopleSoft Risk Matrix: File Processing (curl) — CVE-2023-38545 Oracle Oracle PeopleSoft Risk Matrix: File Processing (curl) vulnerability CVE: CVE-2023-38545 CVSS: 9.8 Protocol: HTTP Remote exploit: Yes Affected versions: Network Advisory: cpuapr2024 (APR 2024)

Siemens RUGGEDCOM APE1808 ICS Advisory ## Siemens RUGGEDCOM APE1808 Release DateMarch 14, 2024 Alert CodeICSA-24-074-05 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF ## 1. EXECUTIVE SUMMARY - CVSS v4 8.7 - ATTENTION: Exploitable remotely/low attack complexity - Vendor: Siemens - Equipment: RUGGEDCOM APE1808 - Vulnerabilities: Heap-based Buffer Overflow, External Control of File Name or Path, Improper Privilege Management, Uncontrolled Resource Consumption, Improper Certificate Validation, Out-of-bounds Write,

Siemens SINEC NMS ICS Advisory ## Siemens SINEC NMS Release DateFebruary 15, 2024 Alert CodeICSA-24-046-15 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF ## 1. EXECUTIVE SUMMARY - CVSS v3 9.8 - ATTENTION: Exploitable remotely/low attack complexity - Vendor: Siemens - Equipment: SINEC NMS - Vulnerabilities: Out-of-bounds Read, Inadequate Encryption Strength, Double Free, Use After Free, NULL Pointer Dereference, Improper Input Validation, Missing Encryption of Sensitive Data, Allocation of Resources Wit

CVE-2023-38545 [CRITICAL] CVE-2023-38545: macOS Monterey 12.7.3 Apple Security Update: About the security content of macOS Monterey 12.7.3 Product: macOS Monterey Version: 12.7.3 CVE: CVE-2023-38545 Component: CVE-2023-38545

CVE-2023-38545 [CRITICAL] CVE-2023-38545: macOS Ventura 13.6.4 Apple Security Update: About the security content of macOS Ventura 13.6.4 Product: macOS Ventura Version: 13.6.4 CVE: CVE-2023-38545 Component: CVE-2023-38545

CVE-2023-38545 [CRITICAL] Oracle Oracle Database Server Risk Matrix: Oracle Spatial and Graph (curl) — CVE-2023-38545 Oracle Oracle Database Server Risk Matrix: Oracle Spatial and Graph (curl) vulnerability CVE: CVE-2023-38545 CVSS: 6.5 Protocol: HTTP Remote exploit: No Affected versions: Network Advisory: cpujan2024 (JAN 2024)

[CRITICAL] Rockwell Automation FactoryTalk Activation ICS Advisory ## Rockwell Automation FactoryTalk Activation Release DateJanuary 04, 2024 Alert CodeICSA-24-004-01 View CSAF ## 1. EXECUTIVE SUMMARY - CVSS v3 9.8 - ATTENTION: Exploitable remotely/low attack complexity - Vendor: Rockwell Automation - Equipment: FactoryTalk Activation Manager - Vulnerabilities: Out-of-Bounds Write ## 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in a buffer overflow and allow the attacker to gain full access to the system. ## 3. TECHNICAL DETAILS ## 3.1 AFFECTED PRODUCTS The following versions of Factory Talk are affected: - Factory Talk: V4.00 (Utilizes Wibu-Systems CodeMeter <7.60c) ## 3.2 Vulnerability Overview 3.2.1 OUT-OF-BOUNDS WRITE CWE-787 Rockwell Automation FactoryTalk Activ

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1 ICS Advisory ## Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1 Release DateDecember 14, 2023 Alert CodeICSA-23-348-10 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF ## 1. EXECUTIVE SUMMARY - CVSS v3 9.8 - ATTENTION: Exploitable remotely/low attack complexity - Vendor: Siemens - Equipment: SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1 - Vulnerabilities: Improper Restriction of XML External Entity Reference, Time-of-check Time-of-use (TOCTOU) Race Condition, Command Injection, Miss

CVE-2023-38545 [CRITICAL] CVE-2023-38545: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-38545 Component: CVE-2023-38545

CVE-2023-38545 [CRITICAL] Long Term Support Channel Update for ChromeOS: CVE-2023-38545 Long Term Support Channel Update for ChromeOS CVE-2023-38545

CVE-2023-38546 [CRITICAL] curl vulnerabilities Title: curl vulnerabilities Summary: Several security issues were fixed in curl. USN-6429-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-38545) It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections. (CVE-2023-38546) Instructions: In general, a standard syst

CVE-2023-38545 [CRITICAL] Oracle Oracle MySQL Risk Matrix: Server: Compiling (curl) — CVE-2023-38545 Oracle Oracle MySQL Risk Matrix: Server: Compiling (curl) vulnerability CVE: CVE-2023-38545 CVSS: 7.5 Protocol: MySQL Protocol Remote exploit: Yes Affected versions: Network Advisory: cpuoct2023 (OCT 2023)

CVE-2023-38545 [CRITICAL] CWE-122 cURL and libcurl Vulnerability Affecting Cisco Products: October 2023 cURL and libcurl Vulnerability Affecting Cisco Products: October 2023 On October 11, 2023, cURL released Version 8.4.0 of the cURL utility and the libcurl library. This release addressed two security vulnerabilities: CVE-2023-38545 – High Security Impact Rating (SIR) CVE-2023-38546 – Low SIR This advisory covers CVE-2023-38545 only. For more information about this vulnerability, see the cURL advisory. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-curl-libcurl-D9ds39cV

CVE-2023-38545 [CRITICAL] CWE-120 Impact of curl and libcurl Vulnerabilities (CVE-2023-38545, CVE-2023-38546) Impact of curl and libcurl Vulnerabilities (CVE-2023-38545, CVE-2023-38546) The Palo Alto Networks Product Security Assurance team has evaluated the curl and libcurl vulnerabilities (CVE-2023-38545, CVE-2023-38546) that were disclosed on October 11, 2023 as they relate to our products. At this time, there are no demonstrated scenarios that enable successful exploitation of these vulnerabilities in our products. Affected products: Cloud NGFW, Cortex XDR, Cortex XDR Agent, PAN-OS, Prisma Access, Prisma Cloud, Prisma SD-WAN ION Solution: No software updates are required at this time. Workaround: Customers with a Threat Prevention subscription can block attacks for CVE-2023-38545 by enabling Threat ID 94436 (Applications and Threats content update 8764).

CVE-2023-38546 [CRITICAL] curl vulnerabilities Title: curl vulnerabilities Summary: Several security issues were fixed in curl. Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-38545) It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections. (CVE-2023-38546) Instructions: In general, a standard system update will make all the necessary changes.

CVE-2023-38545 [CRITICAL] CWE-119 curl: heap based buffer overflow in the SOCKS5 proxy handshake curl: heap based buffer overflow in the SOCKS5 proxy handshake This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host resolve the name" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the h

CVE-2023-38545 [CRITICAL] CWE-122 Hackerone: CVE-2023-38545 SOCKS5 heap buffer overflow Hackerone: CVE-2023-38545 SOCKS5 heap buffer overflow FAQ: 1. When will an update be available to address this vulnerability? UPDATE: Microsoft has included version 8.4.0 of curl.exe in Windows updates released on November 14, 2023 for currently supported, on-premise versions of Windows clients and servers. See the Security Updates table in this CVE for the applicable Windows update KB numbers. Windows security updates are cumulative, so future updates will include curl 8.4.0 or higher. Microsoft is fully aware of this issue and is actively working to release version 8.4.0 of curl.exe in a future Windows update for currently supported, on-premise versions of Windows clients and servers. The Security Updates table for this CVE will be updated with the Windows update KB numbers for all supp

CVE-2023-38545 [CRITICAL] CVE-2023-38545: curl - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.... This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host resolve the name" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to operate

CVE-2023-38545 cURL and libcurl Vulnerability Affecting Cisco Products: October 2023 CVE-2023-38545: cURL and libcurl Vulnerability Affecting Cisco Products: October 2023 On October 11, 2023, cURL released Version 8.4.0 of the cURL utility and the libcurl library. This release addressed two security vulnerabilities: CVE-2023-38545 - High Security Impact Rating (SIR) CVE-2023-38546 - Low SIR This advisory covers CVE-2023-38545 only. For more information about this vulnerability, see the cURL advisory . This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-curl-libcurl-D9ds39cV CVSS: 3.1 CWE: CWE-122, CWE-122

CVE-2023-38546 cURL and libcurl Vulnerability Affecting Cisco Products: October 2023 CVE-2023-38546: cURL and libcurl Vulnerability Affecting Cisco Products: October 2023 On October 11, 2023, cURL released Version 8.4.0 of the cURL utility and the libcurl library. This release addressed two security vulnerabilities: CVE-2023-38545 - High Security Impact Rating (SIR) CVE-2023-38546 - Low SIR This advisory covers CVE-2023-38545 only. For more information about this vulnerability, see the cURL advisory . This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-curl-libcurl-D9ds39cV CVSS: 3.1 CWE: CWE-122, CWE-122

CVE-2023-38545 [CRITICAL] Deprecated - Potential curl CVE-2023-38545 Exploitation Deprecated - Potential curl CVE-2023-38545 Exploitation Detects potential exploitation of curl CVE-2023-38545 by monitoring for vulnerable command line arguments in conjunction with an unusual command line length. A flaw in curl version = 8.4 to patch this vulnerability. This exploit can be executed with and without the use of environment variables. For increased visibility, enable the collection of http_proxy, HTTPS_PROXY and ALL_PROXY environment variables based on the instructions provided in the setup guide of this rule. Query: process where host.os.type == "linux" and event.type == "start" and event.action == "exec" and process.name == "curl" and ( process.args like ("--socks5-hostname", "--proxy", "--preproxy", "socks5*") or process.env_vars like ("http_proxy=socks5h://*", "HTTPS_

What is a buffer overflow? Modern attacks and cloud security | Wiz ## What is a buffer overflow? A buffer overflow is a well-known type of memory corruption vulnerability. When a program tries to write more data into a buffer (a temporary storage space) than it was allocated, the excess data “overflows,” overwriting adjacent memory locations. This isn't a new flaw; buffer overflows have been around for decades. But they remain a dangerous and relevant threat, even in modern applications and systems. In the cloud, buffer overflow attacks can target services like web APIs or applications running in containers. Two out-of-bounds access vulnerabilities CWE Top 25 Most Dangerous Software Weaknesses list for 2024: CWE-787 (Out-of-bounds Write) and CWE-125 (Out-of-bounds Read). Not every vulnerability is actually exploited in the wild, of course. But a recent

What is a buffer overflow? Modern attacks and cloud security | Wiz ## What is a buffer overflow? A buffer overflow is a well-known type of memory corruption vulnerability. When a program tries to write more data into a buffer (a temporary storage space) than it was allocated, the excess data “overflows,” overwriting adjacent memory locations. This isn't a new flaw; buffer overflows have been around for decades. But they remain a dangerous and relevant threat, even in modern applications and systems. In the cloud, buffer overflow attacks can target services like web APIs or applications running in containers. Two out-of-bounds access vulnerabilities CWE Top 25 Most Dangerous Software Weaknesses list for 2024: CWE-787 (Out-of-bounds Write) and CWE-125 (Out-of-bounds Read). Not every vulnerability is actually exploited in the wild, of course. But a recent

What is cloud workload protection (CWP)? ## What is cloud workload protection (CWP)? Last updated | January 27, 2026 | ## TL;DR: Why cloud workload protection matters Cloud workload protection secures your containers, virtual machines (VMs) and serverless workloads from misconfigurations, vulnerabilities and active cloud threats. CWP helps you reduce risk, enforce compliance and build a mature cloud security posture — without slowing innovation. This CWP guide explains how it works, why it matters, what to look for and how CWP fits into your cloud-native application protection platform (CNAPP) strategy. ## Table of contents What is CWP? The cloud and AI risk What is cloud workload protection? Why is CWP important? What challenges does cloud workload protection address? How does cloud workload protection fit into a CNAPP

[CRITICAL] Tenable Research Reveals Popular AI Tools Used in Cloud Environments are Highly Vulnerable ## Tenable Research Reveals Popular AI Tools Used in Cloud Environments are Highly Vulnerable ## Analysis finds 70% of cloud workloads using AI services contain unresolved vulnerabilities March 19, 2025 · Columbia, MD Tenable® , the exposure management company, today announced the release of its Cloud AI Risk Report 2025 , which found that cloud-based AI is prone to avoidable toxic combinations that leave sensitive AI data and models vulnerable to manipulation, data tampering and data leakage. Cloud and AI are undeniable game changers for businesses. However, both introduce complex cyber risks when combined. The Tenable Cloud AI Risk Report 2025 highlights the current state of security risks in cloud AI development tools and frameworks, and in AI services offered by the three major clo

Oracle Critical Patch Update, October 2024 Security Update Review ## Table of Contents Qualys QID Coverage Notable Oracle Vulnerabilities Patched Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR) Oracle released the last quarterly edition of this year’s Critical Patch Update. The update contains patches for 334 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in various product families, including third-party components in Oracle products. In this quarterly Oracle Critical Patch Update, Oracle Communications received the highest number of patches, 100 constituting about 30% of the total patches released. Oracle MySQL and Oracle Fusion Middleware followed, with 45 and 32 security patches, respectively. 244

Oracle Critical Patch Security Update: October 2024 | Qualys #### Table of Contents - Qualys QID Coverage - Notable Oracle Vulnerabilities Patched - Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR) Oracle released the last quarterly edition of this year’s Critical Patch Update. The update contains patches for 334 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in various product families, including third-party components in Oracle products. In this quarterly Oracle Critical Patch Update, Oracle Communications received the highest number of patches, 100 constituting about 30% of the total patches released. Oracle MySQL and Oracle Fusion Middleware followed, with 45 and 32 security patches, respectively.

Oracle Patch Update, January 2024 Security Update Review ## Table of Contents Qualys QID Coverage Notable Oracle Vulnerabilities Patched Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR) Oracle has released its first quarterly edition of Critical Patch Update, which contains patches for 389 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in a wide range of product families, including Oracle code and third-party components included in Oracle products. In the first quarterly Oracle Critical Patch Update, Oracle Financial Services Applications received the highest number of patches, 71, constituting 18% of the total patches released. Oracle Communications and Oracle Communications Applications follow

Oracle Patch Update, January 2024 Security Update Review | Qualys #### Table of Contents - Qualys QID Coverage - Notable Oracle Vulnerabilities Patched - Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR) Oracle has released its first quarterly edition of Critical Patch Update, which contains patches for 389 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in a wide range of product families, including Oracle code and third-party components included in Oracle products. In the first quarterly Oracle Critical Patch Update, Oracle Financial Services Applications received the highest number of patches, 71, constituting 18% of the total patches released. Oracle Communications and Oracle Communications Applications

[HIGH] Microsoft’s November 2023 Patch Tuesday Addresses 57 CVEs (CVE-2023-36025) ## Cloud Exposure Tenable Cloud Security (CNAPP) Request a demo Tenable Cloud Vulnerability Management Request a demo Tenable CIEM Request a demo Secure your cloud ## Vulnerability Exposure Tenable Vulnerability Management Try for free Tenable Security Center Request a demo Tenable Web App Scanning Try for free Tenable Patch Management Request a demo Tenable Enclave Security Request a demo Tenable Attack Surface Management Request a demo Tenable Nessus Try for free ## AI Exposure Tenable AI Exposure Request a demo ## OT/IoT Exposure Tenable OT Security Request a demo ## Identity Exposure Tenable Identity Exposure Request a demo ## Business needs Active Directory AI Security Posture Management (AI-SPM) AWS security Azure security Cloud Security Posture Man

CVE-2023-42115 [CRITICAL] Crying Out Cloud - November Newsletter | Wiz The past month has brought a series of vulnerabilities and security incidents that have left users affected. Amidst the noise, we've taken it upon ourselves to curate the most significant developments for you. Here are our top picks of cloud security highlights! ## 🐞 High Profile Vulnerabilities ## Critical and high severity 0day vulnerabilities in Exim Multiple vulnerabilities were disclosed in Exim Mail Transfer Agent (MTA), including CVE-2023-42115, which is a critical vulnerability enabling unauthenticated attackers to remotely execute code on publicly exposed Exim servers with a specific non-default configuration. This issue results from improper input validation that leads to writing arbitrary code past the end of the buffer. According to Wiz data, although Exim is very prevalen

CVE-2023-38545 16th October – Threat Intelligence Report Latest Publications CPR Podcast Channel AI Research Web 3.0 Security Intelligence Reports ThreatCloud AI Threat Intelligence & Research Zero Day Protection Sandblast File Analysis About Us SUBSCRIBE 2026 2025 2024 2023 2022 2021 2020 2019 2018 2017 2016 ## 16th October – Threat Intelligence Report For the latest discoveries in cyber research for the week of 9th October, please download our Threat_Intelligence Bulletin . TOP ATTACKS AND BREACHES LockBit ransomware gang has claimed responsibility for an alleged attack on the multibillion-dollar IT products and services reseller CDW. The gang has demanded $80M ransom and threatened to release stolen data, said to include employee badges, audits, commission payout data and more. The company has isolated the affected

CVE-2023-38545 [CRITICAL] Hyped up curl vulnerability falls short of expectations ## Hyped up curl vulnerability falls short of expectations ## Lawrence Abrams curl 8.4.0 has been released to patch and release details on a hyped up high-severity security vulnerability (CVE-2023-38545), easing week-long concerns regarding the flaw’s severity. curl is a command line utility that allows you to transfer data over various protocols, most commonly used to connect to websites. An associated libcurl library enables developers to incorporate curl into their applications for easy file transfer support. On October 4th, curl developer Daniel Stenberg warned that the development cycle for curl 8.4.0 would be cut short, and the new version would be released on October 11th to resolve a vulnerability, warning its the worst curl security flaw seen in a long time. "We are cutting t

CVE-2023-38545 [CRITICAL] CVE-2023-38545: Everything You Need to Know | Wiz Blog The cURL team published version 8.4.0 on October 11, 2023, after announcing that it includes a fix for a high severity vulnerability assigned CVE-2023-38545. This vulnerability is a buffer overflow flaw in the SOCKS5 proxy handshake. It is recommended to upgrade cURL to the patched version 8.4.0 or up. # What is CVE-2023-38545? This flaw causes curl to overflow a heap-based buffer during the SOCKS5 proxy handshake. When curl is instructed to forward the hostname to the SOCKS5 proxy for address resolution instead of handling it internally, the maximum allowable length for the hostname is 255 bytes. If the hostname is identified as being longer than 255 bytes, curl switches to local name resolution and only passes the resolved address to the proxy. Unfortunately, due to a bug, the local v

CVE-2023-38545 [CRITICAL] CVE-2023-38545: Everything You Need to Know | Wiz Blog The cURL team published version 8.4.0 on October 11, 2023, after announcing that it includes a fix for a high severity vulnerability assigned CVE-2023-38545. This vulnerability is a buffer overflow flaw in the SOCKS5 proxy handshake. It is recommended to upgrade cURL to the patched version 8.4.0 or up. ## What is CVE-2023-38545? This flaw causes curl to overflow a heap-based buffer during the SOCKS5 proxy handshake. When curl is instructed to forward the hostname to the SOCKS5 proxy for address resolution instead of handling it internally, the maximum allowable length for the hostname is 255 bytes. If the hostname is identified as being longer than 255 bytes, curl switches to local name resolution and only passes the resolved address to the proxy. Unfortunately, due to a bug, the local

CVE-2023-38545 [CRITICAL] Curl 8.4.0 – Proactively Identifying Potential Vulnerable Assets ## Table of Contents What is Curl and libcurl? What Are Curl Vulnerabilities CVE-2023-38545 & CVE-2023-38546? Vulnerable Versions What Should Organizations Do? How Can Qualys Help? Discover Vulnerable Instances Using Qualys VMDR DetectVulnerableVersionsoflibcurlUsingQualysCustomAssessmentandRemediation(CAR) Patch Vulnerable Systems Using Qualys Patch Management (PM) Qualys QID Coverage What vulnerabilities were remediated in curl 8.4.0? Conclusion On Wednesday, October 4, 2023, the curl project maintainers announced pre-notification for curl version 8.4.0 to be released on October 11. This version will fix two new vulnerabilities with one high and one low-severity CVE. The prenotification stated that the high-severity issue is arguably the most critical security flaw identified

CVE-2023-38545 [CRITICAL] Curl 8.4.0 Vulnerability Detection & Mitigation | Qualys #### Table of Contents - What is Curl and libcurl? - What Are Curl Vulnerabilities CVE-2023-38545 & CVE-2023-38546? - Vulnerable Versions - What Should Organizations Do? - How Can Qualys Help? - Discover Vulnerable Instances Using Qualys VMDR - DetectVulnerableVersionsoflibcurlUsingQualysCustomAssessmentandRemediation(CAR) - Patch Vulnerable Systems Using Qualys Patch Management (PM) - Qualys QID Coverage - What vulnerabilities were remediated in curl 8.4.0? - Conclusion On Wednesday, October 4, 2023, the curl project maintainers announced pre-notification for curl version 8.4.0 to be released on October 11. This version will fix two new vulnerabilities with one high and one low-severity CVE. The prenotification stated that the high-severity issue is arguably the most critical security f

[CRITICAL] CVE-2023-38545, CVE-2023-38546: Frequently Asked Questions for New Vulnerabilities in curl ## Cloud Exposure Tenable Cloud Security (CNAPP) Request a demo Tenable Cloud Vulnerability Management Request a demo Tenable CIEM Request a demo Secure your cloud ## Vulnerability Exposure Tenable Vulnerability Management Try for free Tenable Security Center Request a demo Tenable Web App Scanning Try for free Tenable Patch Management Request a demo Tenable Enclave Security Request a demo Tenable Attack Surface Management Request a demo Tenable Nessus Try for free ## AI Exposure Tenable AI Exposure Request a demo ## OT/IoT Exposure Tenable OT Security Request a demo ## Identity Exposure Tenable Identity Exposure Request a demo ## Business needs Active Directory AI Security Posture Management (AI-SPM) AWS security Azure security Cloud Security Posture Man

[CRITICAL] NoiseLetter CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures Compromised Asset Detection Find out immediately if an asset communicates with a malicious IP address Vulnerability Prioritization Get real-time insight into active exploitation trends to better understand risk and severity SOC Efficiency Filter out noisy, low priority and false-positive alerts from mass internet scanners Incident Investigation Add context to incidents to speed the determinations of scope and timelines Threat Hunting Quickly identify anomalous behavior and enrich your threat hunting campaigns Why GreyNoise CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures Compromised Asset Detection Fin

CVE-2023-38545 [CRITICAL] CVE-2023-38545 Vulnerability: Analysis, Impact, Mitigation | Huntress ## CVE-2023-38545 Vulnerability Published: 10/07/2025 Written by: Monica Burgess CVE-2023-38545, also known as "SOCKS5 heap buffer overflow," is a high-severity vulnerability in the widely used cURL library. This flaw allows a malicious server to trigger a buffer overflow in a connecting client, potentially leading to remote code execution (RCE). It affects applications that use libcurl for SOCKS5 proxy handshakes. ## What is CVE-2023-38545 Vulnerability Wil Hayes? CVE-2023-38545 is a heap-based buffer overflow vulnerability found in libcurl, one of the most common open-source libraries for transferring data with URLs. When an application uses libcurl to connect to a SOCKS5 proxy and the connection is slow, the logic for handling the hostname can get confused. If the hostname is longe

[CRITICAL] CVE-2023-38545: So you cURL, but will you cIRL? CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures Compromised Asset Detection Find out immediately if an asset communicates with a malicious IP address Vulnerability Prioritization Get real-time insight into active exploitation trends to better understand risk and severity SOC Efficiency Filter out noisy, low priority and false-positive alerts from mass internet scanners Incident Investigation Add context to incidents to speed the determinations of scope and timelines Threat Hunting Quickly identify anomalous behavior and enrich your threat hunting campaigns Why GreyNoise CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures Compromised Asset Detection Fin

CVE-2023-38545 [CRITICAL] CVE-2023-38545: socks5 heap buffer overflow CVE-2023-38545: socks5 heap buffer overflow # Summary: The SOCKS5 state machine can be manipulated by a remote attacker to overflow heap memory if four conditions are met: 1. The request is made via socks5h. 2. The state machine's negotiation buffer is smaller than ~65k. 3. The SOCKS server's "hello" reply is delayed. 4. The attacker sets a final destination hostname larger than the negotiation buffer. libcurl is supposed to disable SOCKS5 remote hostname resolution for hostnames larger than 255 but will not due to a state machine bug. For example tor user running libcurl app with follow location that connects to rogue onion server that replies with payload in `Location:` header which causes crash or worse. # Walkthrough: `do_SOCKS` initializes local variable `socks5_resolve_local`

Unveiling Hidden Links Between Unseen Security Entities VulnScopper Unveiling Hidden Links Between Unseen Security Entities Daniel Alfasi Reichman University, Israel Tal Shapira The Hebrew University of Jerusalem, Israel Anat Bremler Barr Tel Aviv University, Israel empty ### Abstract The proliferation of software vulnerabilities poses a significant challenge for security databases and analysts tasked with their timely identification, classification, and remediation. With the National Vulnerability Database (NVD) reporting an ever-increasing number of vulnerabilities, the traditional manual analysis becomes untenably time-consuming and prone to errors. This paper introduces , an innovative approach that utilizes multi-modal representation learning, combining Knowledge Graphs (KG) and Natural Language Processing (NLP), to automate and