Filtered by vendor Embedthis
Subscriptions
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-12822 | 1 Embedthis | 1 Goahead | 2024-11-21 | N/A |
| In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself. | ||||
| CVE-2018-8715 | 1 Embedthis | 1 Appweb | 2024-11-21 | N/A |
| The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types. | ||||
| CVE-2018-15505 | 2 Embedthis, Juniper | 3 Appweb, Goahead, Junos | 2024-11-21 | 7.5 High |
| An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 address. | ||||
| CVE-2018-15504 | 2 Embedthis, Juniper | 134 Appweb, Goahead, Ex2200 and 131 more | 2024-11-21 | 7.5 High |
| An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11. | ||||
| CVE-2017-1000471 | 1 Embedthis | 1 Goahead | 2024-11-21 | N/A |
| EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service. | ||||
| CVE-2017-1000470 | 1 Embedthis | 1 Goahead Web Server | 2024-11-21 | N/A |
| EmbedThis GoAhead Webserver versions 4.0.0 and earlier is vulnerable to an integer overflow in the HTTP listener resulting in denial of service. | ||||