Every CVE whose affected-product data names Acme Labs Thttpd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2000-0359 — CVSS 10.0 (critical): Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long…
CVE-2006-1078 — CVSS 8.4 (high): Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to…
CVE-2000-0900 — CVSS 7.5 (high): Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a…
CVE-2002-0733 — CVSS 7.5 (high): Cross-site scripting vulnerability in thttpd 2.20 and earlier allows remote attackers to execute arbitrary script via a URL to a…
CVE-2006-1079 — CVSS 7.2 (high): htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell…
CVE-2006-4248 — CVSS 7.2 (high): thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on…
CVE-2007-0664 — CVSS 5.0 (medium): thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows…
CVE-2002-1562 — CVSS 5.0 (medium): Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot)…
CVE-2004-2628 — CVSS 5.0 (medium): Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, when running on Windows, allow remote attackers to read arbitrary…
CVE-2005-3124 — CVSS 2.1 (low): syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file.