13 matches found
[SECURITY] Fedora 44 Update: libmicrohttpd-1.0.5-1.fc44
GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Key features that distinguish libmicrohttpd from other projects are: C library: fast and small; API is simple, expressive and fully reentrant; Implementation is http 1.1...
CVE-2022-43389
A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15ACCC.3C0, which could allow an unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device...
CVE-2018-20352
Use-after-free vulnerability in the mg_cgi_ev_handler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution...
CVE-2018-20356
An invalid read of 8 bytes due to a use-after-free vulnerability in the mg_http_free_proto_data_cgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution...
CVE-2018-20353
An invalid read of 8 bytes due to a use-after-free vulnerability during a "NULL test" in the mg_http_get_proto_data function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution...
Design/Logic Flaw
Use-after-free vulnerability in the mg_cgi_ev_handler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution...
CVE-2018-20355
An invalid write of 8 bytes due to a use-after-free vulnerability in the mg_http_free_proto_data_cgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution...
CVE-2018-20354
The CVE-2018-20354 issue affects Cesanta Mongoose Embedded Web Server Library (versions 6.13 and earlier). A use-after-free in mg_http_get_proto_data during a return causes an invalid read of 8 bytes, leading to denial of service (crash) or remote code execution. NVD data shows high/critical impa...
CVE-2017-16155
fast-http-cli is the command line interface for fast-http, a simple web server. fast-http-cli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
Mongoose Web Server 6.5 - Cross-Site Request Forgery Remote Code Execution
Mongoose Web Server 6.5 - Cross-Site Request Forgery Remote Code Execution + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MONGOOSE-WEB-SERVER-v6.5-CSRF-COMMAND-EXECUTION.txt + ISR: apparitionSec Vendor: ===============...
CVE-2017-7185
CVE-2017-7185 is a use-after-free in Cesanta’s Mongoose Embedded Web Server Library (mg_http_multipart_wait_for_boundary) affecting versions <= 6.7 and Mongoose OS