80 matches found
CVE-2025-57784
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...
CVE-2025-57783
Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver...
CVE-2025-57785
A Double Free in XSLT showindex has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution...
CVE-2025-57784
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...
CVE-2025-57784
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...
CVE-2025-57785
A Double Free in XSLT showindex has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution...
CVE-2025-57785
A Double Free in XSLT showindex has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution...
CVE-2025-57783
Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver...
CVE-2025-57783
Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver...
CVE-2025-57784 Tomahawk authentication timing attack due to usage of 'strcmp'
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...
EUVD-2025-206342
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...
CVE-2025-57784
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...
CVE-2025-57784
CVE-2025-57784 refers to a Tomahawk authentication timing attack in the Hiawatha webserver (version 11.7) caused by the use of strcmp in the admin handling path, which could enable a local attacker to access the management client. The Red Hat and CVE records corroborate the issue as a local-timin...
CVE-2025-57784 Tomahawk authentication timing attack due to usage of 'strcmp'
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...
CVE-2025-57785 Double free in XSLT in 'show_index'
A Double Free in XSLT showindex has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution...
CVE-2025-57785 Double free in XSLT in 'show_index'
A Double Free in XSLT showindex has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution...
EUVD-2025-206341
A Double Free in XSLT showindex has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution...
CVE-2025-57785
CVE-2025-57785 — Double Free in XSLT show_index (Hiawatha Webserver) Affected software: Hiawatha webserver versions 10.8.2 through 11.7 (as cited by Red Hat and CVE trackers). Technical detail: The vulnerability is a double free in the XSLT function show_index, a memory management error that may ...
CVE-2025-57785
A Double Free in XSLT showindex has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution...
EUVD-2025-206340
Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver...