CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 before 1.0 lacks '\0' termination of the path for CGI scripts because strncpy is misused. CVE-2023-46586 Note that...

9.1CVSS8.1AI score0.00415EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 3:14 a.m.•8 views

CVE-2010-3306

Directory traversal vulnerability in the modURL function in instance.c in Weborf before 0.12.3 allows remote attackers to read arbitrary files via ..%2f sequences in a URI...

5CVSS7AI score0.06398EPSS

Exploits1References1

OSV•added 2024/10/09 6:15 a.m.•2 views

DEBIAN-CVE-2023-46586

cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 before 1.0 lacks '\0' termination of the path for CGI scripts because strncpy is misused...

9.1CVSS8.4AI score0.00415EPSS

Exploits0References1

NVD•added 2024/10/09 6:15 a.m.•6 views

CVE-2023-46586

cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 before 1.0 lacks '\0' termination of the path for CGI scripts because strncpy is misused...

9.1CVSS0.00415EPSS

Exploits0References4

OSV•added 2024/10/09 6:15 a.m.•13 views

CVE-2023-46586

cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 before 1.0 lacks '\0' termination of the path for CGI scripts because strncpy is misused...

9.1CVSS6.8AI score

Exploits0References4

OSV•added 2024/10/09 6:15 a.m.•0 views

UBUNTU-CVE-2023-46586

cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 before 1.0 lacks '\0' termination of the path for CGI scripts because strncpy is misused...

9.1CVSS5.8AI score0.00415EPSS

Exploits0References3

Vulnrichment•added 2024/10/09 12:0 a.m.•10 views

CVE-2023-46586

cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 before 1.0 lacks '\0' termination of the path for CGI scripts because strncpy is misused...

6.9AI score0.00415EPSS

Exploits0References4

CNNVD•added 2024/10/09 12:0 a.m.•1 views

Weborf 安全漏洞

Weborf is a lightweight web server by the individual developer of ltworf. A security vulnerability exists in Weborf versions prior to 1.0, which stems from a misuse of strncpy and a missing terminator in cgi.c for CGI script paths...

9.1CVSS8.8AI score0.00415EPSS

Exploits0References5

Cvelist•added 2024/10/09 12:0 a.m.•9 views

CVE-2023-46586

cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 before 1.0 lacks '\0' termination of the path for CGI scripts because strncpy is misused...

0.00415EPSS

Exploits0References4

Veracode•added 2023/10/26 8:39 p.m.•8 views

Denial Of Service (DoS)

weborf is vulnerable to Denial of Service DoS. An attacker could exploit this vulnerability by sending a specially crafted multiget request to a vulnerable weborf server which would then attempt to process the request, which would cause the server to crash...

9.1CVSS6.9AI score0.00415EPSS

Exploits0

Positive Technologies•added 2023/10/25 12:0 a.m.•2 views

PT-2023-30103 · Weborf +1 · Weborf +1

Name of the Vulnerable Software and Affected Versions: Weborf versions 0.17 through 0.20 Itworf versions prior to 88 Description: The issue is related to a null termination flaw in the cgi.c file of Weborf, where the path for CGI scripts lacks '0' termination due to the misuse of strncpy. This...

9.1CVSS7.1AI score0.00415EPSS

Exploits0References38

OSV•added 2019/11/20 4:15 p.m.•6 views

CVE-2011-0529

Weborf before 0.12.5 is affected by a Denial of Service DOS due to malformed fields in HTTP...

7.5CVSS6.7AI score0.00447EPSS

Exploits1References4

NVD•added 2019/11/20 4:15 p.m.•12 views

CVE-2011-0529

Weborf before 0.12.5 is affected by a Denial of Service DOS due to malformed fields in HTTP...

7.5CVSS7.5AI score0.00447EPSS

Exploits1References2