104 matches found
CVE-2023-40518
LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers...
CVE-2023-40518
LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers...
CVE-2023-40518
LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers...
Design/Logic Flaw
LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers...
CVE-2023-40518
LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers...
Litespeed Technologie OpenLiteSpeed Security Breach
Litespeed Technologie OpenLiteSpeed is an open source web server from Litespeed Technologie. A security vulnerability exists in LiteSpeed OpenLiteSpeed versions prior to 1.7.18, which stems from not strictly validating HTTP request headers...
CVE-2023-40518
LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers...
CVE-2023-40518
LiteSpeed OpenLiteSpeed
The vulnerability of LiteSpeed and OpenLiteSpeed web application server software lies in the use of an insecure search path, which allows attackers to escalate their privileges.
The vulnerability of LiteSpeed and OpenLiteSpeed web application server software lies in the use of an insecure search path. Exploiting this vulnerability can allow a remote attacker to increase their privileges...
The vulnerability of the software for server-based web applications, LiteSpeed and OpenLiteSpeed, allows a perpetrator to execute arbitrary code.
The vulnerability of the LiteSpeed and OpenLiteSpeed web application server software relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
Multiple High-Severity Flaws Affect Widely Used OpenLiteSpeed Web Server Software
Multiple high-severity flaws have been uncovered in the open source OpenLiteSpeed Web Server as well as its enterprise variant that could be weaponized to achieve remote code execution. "By chaining and exploiting the vulnerabilities, adversaries could compromise the web server and gain fully...
CVE-2022-0072
Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1...
CVE-2022-0074
Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1...
CVE-2022-0072
Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1...
CVE-2022-0073
Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. This affects 1.7.0 versions before 1.7.16.1...
CVE-2022-0073
Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. This affects 1.7.0 versions before 1.7.16.1...
Directory traversal
Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1...
CVE-2022-0074 Privilege Escalation in OpenLiteSpeed Web Server
Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1...
CVE-2022-0074 Privilege Escalation in OpenLiteSpeed Web Server
Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1...
CVE-2022-0074
CVE-2022-0074 affects LiteSpeed/OpenLiteSpeed Web Server and Container. Affected: OpenLiteSpeed Web Server and LiteSpeed Web Server Container, versions 1.6.15–before 1.7.16.1. Root cause: Untrusted Search Path, enabling Privilege Escalation. Impact: Privilege elevation as stated across Red Hat, N...