IDCVSSSummaryLast (major) updatePublished
CVE-2018-15505 5.0
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack
17-08-2018 - 23:29 17-08-2018 - 23:29
CVE-2018-15504 5.0
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified
17-08-2018 - 23:29 17-08-2018 - 23:29
CVE-2018-8715 6.8
The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
14-03-2018 - 21:29 14-03-2018 - 21:29
CVE-2014-9708 5.0
Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".
27-01-2017 - 21:59 31-03-2015 - 10:59
Back to Top Mark selected
Back to Top