Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2025-55763
- EPSS 2.75%
- Published 29.08.2025 00:00:00
- Last modified 09.09.2025 13:57:35
Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corr...
9.8
CVE-2020-27304
- EPSS 1%
- Published 21.10.2021 16:15:07
- Last modified 21.11.2024 05:21:01
The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file upload form ...
7.1
CVE-2018-12684
- EPSS 0.19%
- Published 22.06.2018 19:29:00
- Last modified 21.11.2024 03:45:40
Out-of-bounds Read in the send_ssi_file function in civetweb.c in CivetWeb through 1.10 allows attackers to cause a Denial of Service or Information Disclosure via a crafted SSI file.
1