Filter
Versions
1.4.15
10
1.4.7
7
1.4.8
7
1.3.16
6
1.4.10
6
1.4.12
6
1.4.13
6
1.4.18
6
1.4.3
6
1.4.4
6
1.4.5
6
1.4.6
6
1.4.9
6
1.3.0
5
1.3.1
5
1.3.10
5
1.3.11
5
1.3.12
5
1.3.13
5
1.3.14
5
1.3.15
5
1.3.2
5
1.3.3
5
1.3.4
5
1.3.5
5
1.3.6
5
1.3.7
5
1.3.8
5
1.3.9
5
1.4.0
5
1.4.1
5
1.4.2
5
1.1.1
4
1.1.2
4
1.1.3
4
1.1.4
4
1.1.5
4
1.1.6
4
1.1.7
4
1.1.8
4
1.1.9
4
1.2.1
4
1.2.2
4
1.2.3
4
1.2.5
4
1.2.6
4
1.2.7
4
1.2.8
4
1.4.11
4
1.4.16
4
1.4.19
4
1.0.2
3
1.0.3
3
1.1.0
3
1.2.0
3
1.2.4
3
1.4.14
3
1.4.17
3
1.4.24
3
1.4.20
2
1.4.21
2
1.4.22
2
1.4.23
2
1.4.25
2
1.4.56
2
1.5.0
2
0.1
1
1.4.26
1
1.4.27
1
1.4.31
1
1.4.32
1
1.4.33
1
1.4.35
1
1.4.46
1
1.4.53
1
1.4.57
1
1.4.58
1
1.4.63
1
1.4.65
1
1.5
1
Lighttpdmod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remot…
8.3
First published (updated )
Debian Debian Linuxlighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgrou…
7.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Lighttpdmod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a bas…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
debian/lighttpdA resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service …
7.5
First published (updated )
LighttpdLighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumptio…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Lighttpdmod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of servic…
6.4
First published (updated )
Lighttpdrequest.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by …
5.8
First published (updated )
LighttpdUse-after-free vulnerabilities in lighttpd <= 1.4.50
5.3
First published (updated )
LighttpdThe buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control charact…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Lighttpdresponse.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote att…
First published (updated )
LighttpdThe http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers…
First published (updated )
Lighttpdlighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource co…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Debian Debian LinuxInteger signedness error in the base64_decode function in the HTTP authentication functionality (htt…
First published (updated )
Lighttpdlighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a requ…
First published (updated )
Lighttpdlighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.