Filtered by vendor Hiawatha
Subscriptions
Filtered by product Web Server
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57784 | 1 Hiawatha | 1 Web Server | 2026-01-27 | 4 Medium |
| Tomahawk auth timing attack due to usage of `strcmp` has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client. | ||||
| CVE-2025-57785 | 1 Hiawatha | 1 Web Server | 2026-01-27 | 6.5 Medium |
| A Double Free in XSLT `show_index` has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution. | ||||
| CVE-2025-57783 | 1 Hiawatha | 1 Web Server | 2026-01-27 | 5.3 Medium |
| Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver. | ||||
Page 1 of 1.