Vulnerabilities > Embedthis > Goahead > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-25 | CVE-2021-43298 | Improper Restriction of Excessive Authentication Attempts vulnerability in Embedthis Goahead The code that performs password matching when using 'Basic' HTTP authentication does not use a constant-time memcmp and has no rate-limiting. | 5.0 |
| 2019-12-03 | CVE-2019-5097 | Infinite Loop vulnerability in Embedthis Goahead 3.6.5/4.1.1/5.0.1 A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. | 5.0 |
| 2019-11-22 | CVE-2019-19240 | Use of Uninitialized Resource vulnerability in Embedthis Goahead Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. | 5.0 |
| 2019-09-20 | CVE-2019-16645 | Code Injection vulnerability in Embedthis Goahead 2.5.0 An issue was discovered in Embedthis GoAhead 2.5.0. | 5.0 |
| 2019-06-14 | CVE-2019-12822 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Embedthis Goahead In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself. | 5.0 |
| 2017-09-05 | CVE-2017-14149 | NULL Pointer Dereference vulnerability in Embedthis Goahead GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request. | 5.0 |
| 2017-03-13 | CVE-2017-5674 | Information Exposure vulnerability in Embedthis Goahead A vulnerability in a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models allows an attacker to craft a malformed HTTP ("GET system.ini HTTP/1.1\n\n" - note the lack of "/" in the path field of the request) request that will disclose the configuration file with the login password. | 5.0 |