15 matches found
EUVD-2007-3934
Malware in sbrugna...
EUVD-2023-39719
Malicious code in bioql PyPI...
CVE-2023-35720
ASUS RT-AX92U lighttpd modwebdav.so SQL Injection Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected ASUS RT-AX92U routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...
CVE-2023-35720
ASUS RT-AX92U lighttpd modwebdav.so SQL Injection Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected ASUS RT-AX92U routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...
lighttpd to 1.4.35 (important)
lighttpd was updated to version 1.4.35, fixing bugs and security issues: CVE-2014-2323: SQL injection vulnerability in modmysqlvhost.c in lighttpd allowed remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname. CVE-2014-2323: Multiple directory...
openSUSE Security Update : lighttpd (lighttpd-309)
Various issues have been fixed in lighttpd. CVE-2008-4298, CVE-2008-4359 and CVE-2008-4360 have been assigned to thess issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update lighttpd-309. The...
openSUSE 10 Security Update : lighttpd (lighttpd-5785)
Various issues have been fixed in lighttpd. CVE-2008-4298, CVE-2008-4359 and CVE-2008-4360 have been assigned to thess issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update lighttpd-5785. Th...
Debian DSA-1362-2 : lighttpd - several vulnerabilities
Several vulnerabilities were discovered in lighttpd, a fast webserver with minimal memory footprint, which could allow the execution of arbitrary code via the overflow of CGI variables when modfcgi was enabled. The Common Vulnerabilities and Exposures project identifies the following problems : -...
[SECURITY] [DSA 1362-1] New lighttpd packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1362 [email protected] http://www.debian.org/security/ Steve Kemp August 29th, 2007 http://www.debian.org/security/faq - ------------------------------------------------------------------------...
CVE-2007-3950
lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the 1 modscgi, 2 modfastcgi, and 3 modwebdav modules...
Format string
lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the 1 modscgi, 2 modfastcgi, and 3 modwebdav modules...
CVE-2007-3950
lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the 1 modscgi, 2 modfastcgi, and 3 modwebdav modules...
CVE-2007-3950
CVE-2007-3950 affects lighttpd 1.4.15 on 32‑bit platforms. The issue is caused by incompatible format specifiers in debugging messages within the modules (mod_scgi, mod_fastcgi, mod_webdav), allowing remote attackers to cause a denial of service (daemon crash). The connected documents indicate th...
CVE-2007-3950
lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the 1 modscgi, 2 modfastcgi, and 3 modwebdav modules...
CVE-2007-3950
lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the 1 modscgi, 2 modfastcgi, and 3 modwebdav modules...