Lucene search
K

459 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:47 a.m.19 views

CVE-2022-0072

Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1...

5.8CVSS6.9AI score0.00971EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:50 p.m.9 views

CVE-2022-30592

liblsquic/lsquicqenchdl.c in LiteSpeed QUIC aka LSQUIC before 3.1.0 mishandles MAXTABLECAPACITY...

9.8CVSS6.9AI score0.03246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:4 p.m.10 views

CVE-2021-24963

The LiteSpeed Cache WordPress plugin before 4.4.4 does not escape the qcres parameter before outputting it back in the JS code of an admin page, leading to a Reflected Cross-Site Scripting...

4.8CVSS6.8AI score0.00654EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:3 p.m.10 views

CVE-2021-24964

The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specific X-Forwarded-For header value. In addition, one of the endpoint could be used to set CSS code if...

6.1CVSS6.4AI score0.01216EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:45 p.m.11 views

CVE-2020-29172

A cross-site scripting XSS vulnerability in the LiteSpeed Cache plugin before 3.6.1 for WordPress can be exploited via the Server IP setting...

6.1CVSS5.9AI score0.0093EPSS
Exploits1
Patchstack
Patchstack
added 2025/05/07 12:24 p.m.8 views

WordPress LiteSpeed Cache plugin <= 7.0.1 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by TaiYou in WordPress Plugin LiteSpeed Cache versions = 7.0.1...

6.4CVSS8.4AI score0.00235EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2025/03/31 12:0 a.m.349 views

Litespeed Cache 6.5.0.1 Authentication Bypass

Litespeed Cache version 6.5.0.1 suffers from an authentication bypass vulnerability. Exploit Title: Litespeed unauthorized account takeover Google Dork: if applicable Date: reported on 17 September 2024 Exploit Author: Gnzls Vendor Homepage: https://www.litespeedtech.com/ Software Link:...

9.8CVSS7.5AI score0.83178EPSS
Exploits7
Exploit DB
Exploit DB
added 2025/03/28 12:0 a.m.222 views

Litespeed Cache 6.5.0.1 - Authentication Bypass

Exploit Title: Litespeed Cache 6.5.0.1 - Authentication Bypass Google Dork: if applicable Date: reported on 17 September 2024 Exploit Author: Gnzls Vendor Homepage: https://www.litespeedtech.com/ Software Link: https://github.com/gbrsh/CVE-2024-44000?tab=readme-ov-file Version: 6.5.0.1 Tested on:...

9.8CVSS9.8AI score0.83178EPSS
Exploits7
VulnCheck KEV
VulnCheck KEV
added 2025/03/19 12:0 a.m.3 views

VulnCheck KEV: CVE-2022-0073

Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. This affects 1.7.0 versions before 1.7.16.1...

8.8CVSS5.8AI score0.08663EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2025/03/19 12:0 a.m.6 views

VulnCheck KEV: CVE-2022-0074

Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1...

8.8CVSS5.8AI score0.01154EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2025/03/19 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-47374

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through = 6.5.0.2...

7.1CVSS5.8AI score0.0138EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/02/27 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-44000

Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a through 6.5.0.1...

9.8CVSS5.8AI score0.83178EPSS
Exploits7References1
RedhatCVE
RedhatCVE
added 2025/02/22 12:26 a.m.6 views

CVE-2025-24947

A hash collision vulnerability in the hash table used to manage connections in LSQUIC aka LiteSpeed QUIC before 4.2.0 allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. This is caused by...

5.3CVSS6.9AI score0.00622EPSS
Exploits0References1
NVD
NVD
added 2025/02/20 3:15 a.m.7 views

CVE-2025-24947

A hash collision vulnerability in the hash table used to manage connections in LSQUIC aka LiteSpeed QUIC before 4.2.0 allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. This is caused by...

5.3CVSS0.00622EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/20 12:0 a.m.4 views

Litespeed Technologie LiteSpeed QUIC(LSQUIC) 安全漏洞

Litespeed Technologie LiteSpeed QUIC LSQUIC is an open source implementation of QUIC and HTTP/3 functionality for servers and clients from Litespeed Technologie, USA. A security vulnerability exists in Litespeed Technologie LiteSpeed QUIC LSQUIC prior to version 4.2.0 that stems from the presence...

5.3CVSS6.7AI score0.00622EPSS
Exploits0References3
CVE
CVE
added 2025/02/20 12:0 a.m.53 views

CVE-2025-24947

CVE-2025-24947 (LSQUIC) : LSQUIC (LiteSpeed QUIC) versions prior to 4.2.0 are affected by a hash collision vulnerability in the hash table used to manage connections. Remote attackers can trigger a Hash DoS by initiating connections with colliding Source Connection IDs (SCIDs) due to XXH32 usage,...

5.3CVSS5.3AI score0.00622EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 7:18 p.m.15 views

CVE-2022-0073

Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. This affects 1.7.0 versions before 1.7.16.1...

8.8CVSS6.9AI score0.08663EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:32 a.m.8 views

CVE-2024-47637

Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Path Traversal.This issue affects LiteSpeed Cache: from n/a through = 6.4.1...

8.8CVSS5.9AI score0.00634EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:51 a.m.3 views

CVE-2024-50550

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through = 6.5.1...

9.8CVSS7.4AI score0.00913EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:59 a.m.8 views

CVE-2024-28000

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.This issue affects LiteSpeed Cache: from n/a through = 6.3.0.1...

9.8CVSS6AI score0.68266EPSS
Exploits8References1
Rows per page
Query Builder