Litespeed Web Server

litespeed_web_server

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-54939 1Litespeedtech 4Litespeed Web Adc Litespeed Web ServerLsquic+1 more Aug 27, 2025 Aug 1, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.
CVE-2012-4871 1Litespeedtech 1Litespeed Web Server Apr 29, 2026 Sep 6, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in service/graph_html.php in the administrator panel in LiteSpeed Web Server 4.1.11 allows remote attackers to inject arbitrary web script or HTML via the gtitle parameter.
CVE-2010-2333 1Litespeedtech 1Litespeed Web Server Apr 29, 2026 Jun 18, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension.
CVE-2004-0112 244d AppleAvaya+21 more 65Aaa Server Access RegistrarApache Based Web Server+62 more Apr 16, 2026 Nov 23, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a de...Show more The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.Show less