Lucene search

10 matches found

Vulnrichment
added 2026/03/06 2:54 a.m., 4 views

CVE-2026-29046 TinyWeb: HTTP Header Control Character Injection into CGI Environment

TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Prior to version 2.04, TinyWeb accepts request header values and later maps them into CGI environment variables HTTP. The parser did not strictly reject dangerous control characters in header lines and header values, including CR, L...

9.2 CVSS | 5.8 AI score | 0.00387 EPSS
Exploits: 1 | References: 2
Cvelist
added 2026/02/25 11:7 p.m., 27 views

CVE-2026-27633 TinyWeb has Unbounded Content-Length Memory Exhaustion (DoS)

TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 have a Denial of Service (DoS) vulnerability via memory exhaustion. Unauthenticated remote attackers can send an HTTP POST request to the server with an exceptionally large Content-Length header e.g.,...

8.7 CVSS | 0.00436 EPSS
Exploits: 0 | References: 3
EUVD
added 2026/02/25 11:5 p.m., 3 views

EUVD-2026-8764

TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service (DoS) attack known as Slowloris. The server spawns a new OS thread for every incoming connection without enforcing a maximum concurrency limit or an appropriate...

8.7 CVSS | 5.8 AI score | 0.00436 EPSS
Exploits: 0 | References: 3
EUVD
added 2026/02/25 10:58 p.m., 5 views

EUVD-2026-8763

TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. A vulnerability in versions prior to 2.01 allows unauthenticated remote attackers to bypass the web server's CGI parameter security controls. Depending on the server configuration and the specific CGI executable in use, the impact i...

10 CVSS | 6.4 AI score | 0.00748 EPSS
Exploits: 0 | References: 4
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-34679

Malicious code in bioql PyPI...

8.6 CVSS | 6.6 AI score | 0.01226 EPSS
Exploits: 1 | References: 1
OSV
added 2024/05/14 3:38 p.m., 3 views

CVE-2024-34199

TinyWeb 1.94 and below allows unauthenticated remote attackers to cause a denial of service (Buffer Overflow) when sending excessively large elements in the request line...

8.6 CVSS | 6.8 AI score
Exploits: 0 | References: 3
Cvelist
added 2024/05/10 4:24 p.m., 12 views

CVE-2024-34199

TinyWeb 1.94 and below allows unauthenticated remote attackers to cause a denial of service (Buffer Overflow) when sending excessively large elements in the request line...

7 AI score | 0.01226 EPSS
Exploits: 1 | References: 3
Positive Technologies
added 2024/05/10 12:0 a.m., 3 views

PT-2024-25734

Name of the Vulnerable Software and Affected Versions: TinyWeb versions 1.94 and below. Description: The issue allows unauthenticated remote attackers to cause a denial of service, specifically a buffer overflow, when sending excessively large elements in the request line. Recommendations: For TinyWe...

8.6 CVSS | 7 AI score | 0.01226 EPSS
Exploits: 1 | References: 7
NVD
added 2004/12/31 5:0 a.m., 13 views

CVE-2004-2636

TinyWeb 1.9 allows remote attackers to read source code of scripts via "/./" in the URL...

5 CVSS | 6.8 AI score | 0.0287 EPSS
Exploits: 1 | References: 5
securityvulns
added 2004/06/03 12:0 a.m., 29 views

[NT] TinyWeb Script Disclosure Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

7 AI score
Exploits: 0