453 matches found
CVE-2026-27810
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...
UBUNTU-CVE-2026-27824
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...
UBUNTU-CVE-2026-27810
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...
CVE-2026-27824
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...
CVE-2026-27824
CVE-2026-27824 affects calibre (Content Server) prior to version 9.4.0 where brute-force protection derives its ban key from both remote_addr and X-Forwarded-For. Because X-Forwarded-For is read directly from the HTTP request without validation or trusted-proxy checks, an attacker can bypass IP-b...
EUVD-2026-9057
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...
CVE-2026-27824 calibre has IP Ban Bypass via X-Forwarded-For Header Spoofing
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...
CVE-2026-27810 calibre Vulnerable to HTTP Response Header Injection
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...
CVE-2026-27810
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...
CVE-2026-27810 calibre Vulnerable to HTTP Response Header Injection
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...
EUVD-2026-9056
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...
CVE-2026-27810 calibre Vulnerable to HTTP Response Header Injection
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...
PT-2026-22385
Name of the Vulnerable Software and Affected Versions calibre versions prior to 9.4.0 Description calibre is an e-book manager used for viewing, converting, editing, and cataloging e-books. The Content Server’s brute-force protection mechanism relies on a ban key derived from both the remote addr...
PT-2026-22384
Name of the Vulnerable Software and Affected Versions calibre versions prior to 9.4.0 Description calibre is an e-book manager for viewing, converting, editing, and cataloging e-books. A HTTP Response Header Injection exists in the calibre Content Server for versions before 9.4.0. An authenticate...
Exploit for Improper Input Validation in Hyland Perceptive_Content_Server
CVE-2018-19629 Test Environment Docker test environment for C...
CVE-2025-42877
SAP Web Dispatcher, Internet Communication Manager ICM, and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application...
EUVD-2025-201850
SAP Web Dispatcher, Internet Communication Manager ICM, and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application...
CVE-2025-42877
SAP Web Dispatcher, Internet Communication Manager ICM, and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application...
CVE-2025-42877
CVE-2025-42877 affects SAP Web Dispatcher, SAP Internet Communication Manager (ICM), and SAP Content Server. The issue is described as a memory corruption vulnerability caused by logical errors, with unauthenticated access and impact limited to availability (CONFIDENTIALITY/INTEGRITY not affected...
CVE-2025-42877 Memory Corruption vulnerability in SAP Web Dispatcher, Internet Communication Manager and SAP Content Server
SAP Web Dispatcher, Internet Communication Manager ICM, and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application...