Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-16225 | 1 Aegir Project | 1 Aegir | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm the user (that performed a aegir-release) GitHub token. | |||||
| CVE-2017-16219 | 1 Yttivy Project | 1 Yttivy | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| yttivy is a static file server. yttivy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16218 | 1 Dgard8.lab6 Project | 1 Dgard8.lab6 | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| dgard8.lab6 is a static file server. dgard8.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16217 | 1 Webrtc-experiment | 1 Fbr-client | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| fbr-client sends files through sockets via socket.io and webRTC. fbr-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16216 | 1 Tencent-server Project | 1 Tencent-server | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| tencent-server is a simple web server. tencent-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16208 | 1 Dmmcquay.lab6 Project | 1 Dmmcquay.lab6 | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| dmmcquay.lab6 is a REST server. dmmcquay.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16207 | 1 Discordi.js Project | 1 Discordi.js | 2019-10-09 | 5.0 MEDIUM | 7.3 HIGH |
| discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin. | |||||
| CVE-2017-16205 | 1 Coffescript Project | 1 Coffescript | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | |||||
| CVE-2017-16193 | 1 Mfrs Project | 1 Mfrs | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| mfrs is a static file server. mfrs is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16192 | 1 Getcityapi.yoehoehne Project | 1 Getcityapi.yoehoehne | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| getcityapi.yoehoehne is a web server. getcityapi.yoehoehne is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16191 | 1 Cypserver Project | 1 Cypserver | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| cypserver is a static file server. cypserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16190 | 1 Dcdcdcdcdc Project | 1 Dcdcdcdcdc | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| dcdcdcdcdc is a static file server. dcdcdcdcdc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16185 | 1 Uekw1511server Project | 1 Uekw1511server | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| uekw1511server is a static file server. uekw1511server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16184 | 1 Scott-blanch-weather-app Project | 1 Scott-blanch-weather-app | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| scott-blanch-weather-app is a sample Node.js app using Express 4. scott-blanch-weather-app is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16183 | 1 Iter-server Project | 1 Iter-server | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| iter-server is a static file server. iter-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16182 | 1 Serverxxx Project | 1 Serverxxx | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| serverxxx is a static file server. serverxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16177 | 1 Chatbyvista Project | 1 Chatbyvista | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| chatbyvista is a file server. chatbyvista is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16176 | 1 Jansenstuffpleasework Project | 1 Jansenstuffpleasework | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| jansenstuffpleasework is a file server. jansenstuffpleasework is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16175 | 1 Ewgaddis.lab6 Project | 1 Ewgaddis.lab6 | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| ewgaddis.lab6 is a file server. ewgaddis.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16174 | 1 Whispercast Project | 1 Whispercast | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| whispercast is a file server. whispercast is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16169 | 1 Looppake Project | 1 Looppake | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| looppake is a simple http server. looppake is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16168 | 1 Wffserve Project | 1 Wffserve | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| wffserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16167 | 1 Yyooopack Project | 1 Yyooopack | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| yyooopack is a simple file server. yyooopack is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16166 | 1 Byucslabsix Project | 1 Byucslabsix | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| byucslabsix is an http server. byucslabsix is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16204 | 1 Jquey Project | 1 Jquey | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | |||||
| CVE-2017-16157 | 1 Censorify.tanisjr Project | 1 Censorify.tanisjr | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| censorify.tanisjr is a simple web server and API RESTful service. censorify.tanisjr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16156 | 1 Myprolyz Project | 1 Myprolyz | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| myprolyz is a static file server. myprolyz is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16155 | 1 Fast-http-cli Project | 1 Fast-http-cli | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| fast-http-cli is the command line interface for fast-http, a simple web server. fast-http-cli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16154 | 1 Earlybird Project | 1 Earlybird | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| earlybird is a web server module for early development. earlybird is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16149 | 1 Zwserver Project | 1 Zwserver | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| zwserver is a weather web server. zwserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16148 | 1 Serve46 Project | 1 Serve46 | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| serve46 is a static file server. serve46 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16147 | 1 Shit-server Project | 1 Shit-server | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| shit-server is a file server. shit-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16146 | 1 Mockserve Project | 1 Mockserve | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| mockserve is a file server. mockserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16136 | 1 Expressjs | 1 Method-override | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| method-override is a module used by the Express.js framework to let you use HTTP verbs such as PUT or DELETE in places where the client doesn't support it. method-override is vulnerable to a regular expression denial of service vulnerability when specially crafted input is passed in to be parsed via the X-HTTP-Method-Override header. | |||||
| CVE-2017-16135 | 1 Serverzyy Project | 1 Serverzyy | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| serverzyy is a static file server. serverzyy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16134 | 1 Http Static Simple Project | 1 Http Static Simple | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| http_static_simple is an http server. http_static_simple is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16133 | 1 Goserv Project | 1 Goserv | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| goserv is an http server. goserv is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16125 | 1 Rtcmulticonnection-client Project | 1 Rtcmulticonnection-client | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| rtcmulticonnection-client is a signaling implementation for RTCMultiConnection.js, a multi-session manager. rtcmulticonnection-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16124 | 1 Node-server-forfront Project | 1 Node-server-forfront | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| node-server-forfront is a simple static file server. node-server-forfront is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16111 | 1 Content Project | 1 Content | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| The content module is a module to parse HTTP Content-* headers. It is used by the hapijs framework to provide this functionality. The module is vulnerable to regular expression denial of service when passed a specifically crafted Content-Type or Content-Disposition header. | |||||
| CVE-2017-16110 | 1 Weather.swlyons Project | 1 Weather.swlyons | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| weather.swlyons is a simple web server for weather updates. weather.swlyons is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16108 | 1 Gaoxiaotingtingting Project | 1 Gaoxiaotingtingting | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16107 | 1 Pooledwebsocket Project | 1 Pooledwebsocket | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| pooledwebsocket is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16102 | 1 Serverhuwenhui Project | 1 Serverhuwenhui | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| serverhuwenhui is a simple http server. serverhuwenhui is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16101 | 1 Serverwg Project | 1 Serverwg | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| serverwg is a simple http server. serverwg is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16099 | 1 No-case Project | 1 No-case | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| The no-case module is vulnerable to regular expression denial of service. When malicious untrusted user input is passed into no-case it can block the event loop causing a denial of service condition. | |||||
| CVE-2017-16089 | 1 Serverlyr Project | 1 Serverlyr | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| serverlyr is a simple http server. serverlyr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16086 | 1 Ua-parser Project | 1 Ua-parser | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| ua-parser is a port of Browserscope's user agent parser. ua-parser is vulnerable to a ReDoS (Regular Expression Denial of Service) attack when given a specially crafted UserAgent header. | |||||
| CVE-2017-16085 | 1 Tinyserver2 Project | 1 Tinyserver2 | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| tinyserver2 is a webserver for static files. tinyserver2 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16080 | 1 Nodesass Project | 1 Nodesass | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | |||||