Lucene search
K

453 matches found

UbuntuCve
UbuntuCve
added 2026/02/27 8:21 p.m.6 views

CVE-2026-27810

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

6.4CVSS6AI score0.00206EPSS
Exploits1References2
OSV
OSV
added 2026/02/27 8:21 p.m.5 views

UBUNTU-CVE-2026-27824

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...

5.3CVSS5.8AI score0.00148EPSS
Exploits1References3
OSV
OSV
added 2026/02/27 8:21 p.m.5 views

UBUNTU-CVE-2026-27810

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

6.4CVSS5.9AI score0.00206EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/27 7:46 p.m.4 views

CVE-2026-27824

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...

5.3CVSS5.9AI score0.00148EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/02/27 7:46 p.m.28 views

CVE-2026-27824

CVE-2026-27824 affects calibre (Content Server) prior to version 9.4.0 where brute-force protection derives its ban key from both remote_addr and X-Forwarded-For. Because X-Forwarded-For is read directly from the HTTP request without validation or trusted-proxy checks, an attacker can bypass IP-b...

5.3CVSS5.9AI score0.00148EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/02/27 7:46 p.m.10 views

EUVD-2026-9057

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...

5.3CVSS5.9AI score0.00148EPSS
Exploits1References1
OSV
OSV
added 2026/02/27 7:46 p.m.6 views

CVE-2026-27824 calibre has IP Ban Bypass via X-Forwarded-For Header Spoofing

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...

5.3CVSS5.9AI score0.00148EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/27 7:44 p.m.20 views

CVE-2026-27810 calibre Vulnerable to HTTP Response Header Injection

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

6.4CVSS0.00206EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/02/27 7:44 p.m.7 views

CVE-2026-27810

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

6.4CVSS6AI score0.00206EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/27 7:44 p.m.5 views

CVE-2026-27810 calibre Vulnerable to HTTP Response Header Injection

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

6.4CVSS6AI score0.00206EPSS
Exploits1References1
EUVD
EUVD
added 2026/02/27 7:44 p.m.6 views

EUVD-2026-9056

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

6.4CVSS6AI score0.00206EPSS
Exploits1References1
OSV
OSV
added 2026/02/27 7:44 p.m.6 views

CVE-2026-27810 calibre Vulnerable to HTTP Response Header Injection

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

6.4CVSS6AI score0.00206EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.5 views

PT-2026-22385

Name of the Vulnerable Software and Affected Versions calibre versions prior to 9.4.0 Description calibre is an e-book manager used for viewing, converting, editing, and cataloging e-books. The Content Server’s brute-force protection mechanism relies on a ban key derived from both the remote addr...

9.3CVSS6AI score0.0088EPSS
Exploits7References21
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.8 views

PT-2026-22384

Name of the Vulnerable Software and Affected Versions calibre versions prior to 9.4.0 Description calibre is an e-book manager for viewing, converting, editing, and cataloging e-books. A HTTP Response Header Injection exists in the calibre Content Server for versions before 9.4.0. An authenticate...

9.3CVSS6AI score0.0088EPSS
Exploits11References22
GithubExploit
GithubExploit
added 2025/12/16 3:37 a.m.165 views

Exploit for Improper Input Validation in Hyland Perceptive_Content_Server

CVE-2018-19629 Test Environment Docker test environment for C...

7.5CVSS6.8AI score0.0148EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/12/10 2:32 a.m.5 views

CVE-2025-42877

SAP Web Dispatcher, Internet Communication Manager ICM, and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application...

7.5CVSS6.9AI score0.00456EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.4 views

EUVD-2025-201850

SAP Web Dispatcher, Internet Communication Manager ICM, and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application...

7.5CVSS6.5AI score0.00456EPSS
Exploits0References3
NVD
NVD
added 2025/12/09 4:17 p.m.9 views

CVE-2025-42877

SAP Web Dispatcher, Internet Communication Manager ICM, and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application...

7.5CVSS0.00456EPSS
Exploits0References2
CVE
CVE
added 2025/12/09 2:14 a.m.13 views

CVE-2025-42877

CVE-2025-42877 affects SAP Web Dispatcher, SAP Internet Communication Manager (ICM), and SAP Content Server. The issue is described as a memory corruption vulnerability caused by logical errors, with unauthenticated access and impact limited to availability (CONFIDENTIALITY/INTEGRITY not affected...

7.5CVSS6.6AI score0.00456EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/09 2:14 a.m.2 views

CVE-2025-42877 Memory Corruption vulnerability in SAP Web Dispatcher, Internet Communication Manager and SAP Content Server

SAP Web Dispatcher, Internet Communication Manager ICM, and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application...

7.5CVSS6.6AI score0.00456EPSS
Exploits0References2
Rows per page
Query Builder