Vulnerabilities > Acme

DATE CVE VULNERABILITY TITLE RISK
2024-01-07 CVE-2024-0263 Unspecified vulnerability in Acme Ultra Mini Httpd 1.21
A vulnerability was found in ACME Ultra Mini HTTPd 1.21.
network
low complexity
acme
7.5
2019-12-27 CVE-2007-0158 Out-of-bounds Write vulnerability in Acme Thttpd 2007
thttpd 2007 has buffer underflow.
network
low complexity
acme CWE-787
critical
9.8
2019-11-25 CVE-2012-5640 NULL Pointer Dereference vulnerability in Acme Thttpd
thttpd has a local DoS vulnerability via specially-crafted .htpasswd files
local
low complexity
acme CWE-476
5.5
2018-10-29 CVE-2018-18778 Information Exposure vulnerability in Acme Mini-Httpd
ACME mini_httpd before 1.30 lets remote users read arbitrary files.
network
low complexity
acme CWE-200
6.5
2018-02-06 CVE-2017-17663 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Acme Mini Httpd and Thttpd
The htpasswd implementation of mini_httpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code execution.
network
low complexity
acme CWE-119
critical
9.8
2003-11-03 CVE-2003-0899 Incorrect Calculation of Buffer Size vulnerability in Acme Thttpd 2.21/2.22/2.23
Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "&lt;" and "&gt;" sequences.
network
low complexity
acme CWE-131
critical
9.8
2001-12-31 CVE-2001-1496 Off-by-one Error vulnerability in Acme Thttpd
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
network
low complexity
acme CWE-193
critical
9.8