cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2016-9586,https://securityvulnerability.io/vulnerability/CVE-2016-9586,,"curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks.",Red Hat,Curl,5.9,MEDIUM,0.01534000039100647,false,false,false,false,,false,false,2018-04-23T18:00:00.000Z,0
CVE-2017-2628,https://securityvulnerability.io/vulnerability/CVE-2017-2628,,"curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanwhile substituted by USE_HTTP_NEGOTIATE. This issue was introduced in RHEL 6.7 and affects RHEL 6 curl only.",Red Hat,Curl,9.8,CRITICAL,0.004430000204592943,false,false,false,false,,false,false,2018-03-12T15:00:00.000Z,0