| Bug | Description |
|---|
| CVE-2007-1869 | lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial ... |
| CVE-2007-1870 | lighttpd before 1.4.14 allows attackers to cause a denial of service ... |
| CVE-2007-2841 | lighttpd DoS |
| CVE-2007-3946 | mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote ... |
| CVE-2007-3947 | request.c in lighttpd 1.4.15 allows remote attackers to cause a denial ... |
| CVE-2007-3948 | connections.c in lighttpd before 1.4.16 might accept more connections ... |
| CVE-2007-3949 | mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters ... |
| CVE-2007-3950 | lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers ... |
| CVE-2007-4727 | Buffer overflow in the fcgi_env_add function in ... |
| CVE-2008-0983 | lighttpd 1.4.18, and possibly other versions before 1.5.0, does not ... |
| CVE-2008-1111 | mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts ... |
| CVE-2008-1270 | mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not ... |
| CVE-2008-1531 | The connection_state_machine function (connections.c) in lighttpd ... |
| CVE-2008-4298 | Memory leak in the http_request_parse function in request.c in ... |
| CVE-2008-4359 | lighttpd before 1.4.20 compares URIs to patterns in the (1) ... |
| CVE-2008-4360 | mod_userdir in lighttpd before 1.4.20, when a case-insensitive ... |
| CVE-2010-0295 | lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read ... |
| CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft ... |
| CVE-2011-4362 | Integer signedness error in the base64_decode function in the HTTP ... |
| TEMP-0000000-589A35 | "slowloris" denial-of-service vulnerabilty in webservers |