Total
83148 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-16143 | 1 Commentapp.stetsonwood Project | 1 Commentapp.stetsonwood | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| commentapp.stetsonwood is an http server. commentapp.stetsonwood is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16142 | 1 Infraserver Project | 1 Infraserver | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| infraserver is a RESTful server. infraserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16141 | 1 Lab6drewfusbyu Project | 1 Lab6drewfusbyu | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| lab6drewfusbyu is an http server. lab6drewfusbyu is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16140 | 1 Lab6.brit95 Project | 1 Lab6.brit95 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| lab6.brit95 is a file server. lab6.brit95 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16139 | 1 Jikes Project | 1 Jikes | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| jikes is a file server. jikes is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Accessible files are restricted to files with .htm and .js extensions. | |||||
| CVE-2017-16138 | 1 Mime Project | 1 Mime | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The mime module < 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input. | |||||
| CVE-2017-16136 | 1 Expressjs | 1 Method-override | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| method-override is a module used by the Express.js framework to let you use HTTP verbs such as PUT or DELETE in places where the client doesn't support it. method-override is vulnerable to a regular expression denial of service vulnerability when specially crafted input is passed in to be parsed via the X-HTTP-Method-Override header. | |||||
| CVE-2017-16135 | 1 Serverzyy Project | 1 Serverzyy | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| serverzyy is a static file server. serverzyy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16134 | 1 Http Static Simple Project | 1 Http Static Simple | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| http_static_simple is an http server. http_static_simple is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16133 | 1 Goserv Project | 1 Goserv | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| goserv is an http server. goserv is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16132 | 1 Simple-npm-registry Project | 1 Simple-npm-registry | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| simple-npm-registry is a local npm package cache. simple-npm-registry is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16131 | 1 Unicorn-list Project | 1 Unicorn-list | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| unicorn-list is a web framework. unicorn-list is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16130 | 1 Exxxxxxxxxxx Project | 1 Exxxxxxxxxxx | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| exxxxxxxxxxx is an Http eX Frame Google Style JavaScript Guide. exxxxxxxxxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Accessible files are restricted to those with a file extension. Files with no extension such as /etc/passwd throw an error. | |||||
| CVE-2017-16125 | 1 Rtcmulticonnection-client Project | 1 Rtcmulticonnection-client | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| rtcmulticonnection-client is a signaling implementation for RTCMultiConnection.js, a multi-session manager. rtcmulticonnection-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16124 | 1 Node-server-forfront Project | 1 Node-server-forfront | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| node-server-forfront is a simple static file server. node-server-forfront is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16123 | 1 Welcomyzt Project | 1 Welcomyzt | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| welcomyzt is a simple file server. welcomyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16122 | 1 Cuciuci Project | 1 Cuciuci | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16121 | 1 Datachannel-client Project | 1 Datachannel-client | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| datachannel-client is a signaling implementation for DataChannel.js. datachannel-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16120 | 1 Liyujing Project | 1 Liyujing | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| liyujing is a static file server. liyujing is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16119 | 1 Fresh Project | 1 Fresh | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Fresh is a module used by the Express.js framework for HTTP response freshness testing. It is vulnerable to a regular expression denial of service when it is passed specially crafted input to parse. This causes the event loop to be blocked causing a denial of service condition. | |||||