| CVE-2019-5482 | Cri | 0.64 | 9.8 | 0.10 | | Sep 16, 2019 | Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. |
| CVE-2019-5481 | Cri | 0.64 | 9.8 | 0.04 | | Sep 16, 2019 | Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. |
| CVE-2019-5436 | Hig | 0.52 | 7.8 | 0.15 | | May 28, 2019 | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. |
| CVE-2015-3197 | Med | 0.39 | 5.9 | 0.14 | | Feb 15, 2016 | ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. |
