Every CVE whose affected-product data names Embedthis Appweb, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2018-8715 — CVSS 8.1 (high): The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c…
CVE-2018-15504 — CVSS 7.5 (high): An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields…
CVE-2018-15505 — CVSS 7.5 (high): An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host"…
CVE-2020-15689 — CVSS 7.5 (high): Appweb before 7.2.2 and 8.x before 8.1.0, when built with CGI support, mishandles an HTTP request with a Range header that lacks an exact…
CVE-2021-33254 — CVSS 7.5 (high): An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service…
CVE-2014-9708 — CVSS 5.0 (medium): Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a…