Filters

Versions

1.4.15
10
1.4.7
7
1.4.8
7
1.3.16
6
1.4.10
6
1.4.12
6
1.4.13
6
1.4.18
6
1.4.3
6
1.4.4
6
1.4.5
6
1.4.6
6
1.4.9
6
1.3.0
5
1.3.1
5
1.3.10
5
1.3.11
5
1.3.12
5
1.3.13
5
1.3.14
5
1.3.15
5
1.3.2
5
1.3.3
5
1.3.4
5
1.3.5
5
1.3.6
5
1.3.7
5
1.3.8
5
1.3.9
5
1.4.0
5
1.4.1
5
1.4.2
5
1.1.1
4
1.1.2
4
1.1.3
4
1.1.4
4
1.1.5
4
1.1.6
4
1.1.7
4
1.1.8
4
1.1.9
4
1.2.1
4
1.2.2
4
1.2.3
4
1.2.5
4
1.2.6
4
1.2.7
4
1.2.8
4
1.4.11
4
1.4.16
4
1.4.19
4
1.0.2
3
1.0.3
3
1.1.0
3
1.2.0
3
1.2.4
3
1.4.14
3
1.4.17
3
1.4.24
3
1.4.20
2
1.4.21
2
1.4.22
2
1.4.23
2
1.4.25
2
1.4.56
2
1.5.0
2
1.4.26
1
1.4.27
1
1.4.31
1
1.4.32
1
1.4.33
1
1.4.35
1
1.4.46
1
1.4.53
1
1.4.57
1
1.4.58
1
1.4.63
1
1.4.65
1
1.5
1

debian/lighttpdA resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service …

high
7.5
First published (updated )
CVE-2022-41556

Lighttpd LighttpdNull Pointer Dereference

high
7.5
First published (updated )
CVE-2022-37797

Lighttpd LighttpdLighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumptio…

high
7.5
First published (updated )
CVE-2022-30780

Debian Debian LinuxBuffer Overflow

medium
5.9
First published (updated )
CVE-2022-22707

Lighttpd LighttpdInteger Overflow

critical
9.8
First published (updated )
CVE-2019-11072

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SUSE SUSE Linux Enterprise ServerPath Traversal

high
7.5
First published (updated )
CVE-2018-19052

Lighttpd Lighttpdmod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a bas…

high
7.5
First published (updated )
CVE-2015-3200

Debian Debian LinuxPath Traversal

medium
5
First published (updated )
CVE-2014-2324

Debian Debian LinuxSQL Injection

critical
9.8
First published (updated )
CVE-2014-2323

Debian Debian Linuxlighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgrou…

high
7.6
First published (updated )
CVE-2013-4559

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Debian Debian LinuxUse After Free

medium
5
First published (updated )
CVE-2013-4560

Debian Debian LinuxWeak Encryption

high
7.5
First published (updated )
CVE-2013-4508

Lighttpd LighttpdRace Condition

low
1.9
First published (updated )
CVE-2013-1427

Lighttpd LighttpdThe http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers…

medium
5
First published (updated )
CVE-2012-5533

Debian Debian LinuxInteger signedness error in the base64_decode function in the HTTP authentication functionality (htt…

medium
5
First published (updated )
CVE-2011-4362

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Lighttpd Lighttpdlighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a requ…

medium
5
First published (updated )
CVE-2010-0295

Lighttpd LighttpdInfoleak

high
7.5
First published (updated )
CVE-2008-4359

Lighttpd LighttpdInfoleak

high
7.5
First published (updated )
CVE-2008-4360

Lighttpd LighttpdMemory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote …

medium
5
First published (updated )
CVE-2008-4298

Lighttpd LighttpdThe connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x befo…

medium
4.3
First published (updated )
CVE-2008-1531

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Lighttpd LighttpdInfoleak

medium
5
First published (updated )
CVE-2008-1270

Lighttpd LighttpdInfoleak

medium
5
First published (updated )
CVE-2008-1111

Lighttpd Lighttpdlighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a…

medium
5
First published (updated )
CVE-2008-0983

Lighttpd LighttpdBuffer Overflow

medium
6.8
First published (updated )
CVE-2007-4727

Lighttpd Lighttpdlighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service …

medium
4.3
First published (updated )
CVE-2007-3950

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Lighttpd Lighttpdmod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remot…

high
8.3
First published (updated )
CVE-2007-3949

Lighttpd Lighttpdrequest.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by …

medium
5.8
First published (updated )
CVE-2007-3947

Lighttpd Lighttpdmod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of servic…

medium
6.4
First published (updated )
CVE-2007-3946

Lighttpd Lighttpdconnections.c in lighttpd before 1.4.16 might accept more connections than the configured maximum, w…

medium
4.3
First published (updated )
CVE-2007-3948

Lighttpd Lighttpdlighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource co…

medium
5
First published (updated )
CVE-2007-1869

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Lighttpd LighttpdNull Pointer Dereference

high
7.8
First published (updated )
CVE-2007-1870

Lighttpd Lighttpdresponse.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote att…

medium
5
First published (updated )
CVE-2006-0814

Lighttpd LighttpdLightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote att…

low
2.6
First published (updated )
CVE-2006-0760

Lighttpd LighttpdThe buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control charact…

medium
5
First published (updated )
CVE-2005-0453

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203