Total
316927 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-16109 | 1 Easyquick Project | 1 Easyquick | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| easyquick is a simple web server. easyquick is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Access is constrained, however, to supported file types. Requesting a file such as /etc/passwd returns a "not supported" error. | |||||
| CVE-2017-16108 | 1 Gaoxiaotingtingting Project | 1 Gaoxiaotingtingting | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16107 | 1 Pooledwebsocket Project | 1 Pooledwebsocket | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| pooledwebsocket is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16106 | 1 Tmock Project | 1 Tmock | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| tmock is a static file server. tmock is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16105 | 1 Serverwzl Project | 1 Serverwzl | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| serverwzl is a simple http server. serverwzl is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16104 | 1 Citypredict.whauwiller Project | 1 Citypredict.whauwiller | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| citypredict.whauwiller is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16103 | 1 Serveryztyzt Project | 1 Serveryztyzt | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| serveryztyzt is a simple http server. serveryztyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16102 | 1 Serverhuwenhui Project | 1 Serverhuwenhui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| serverhuwenhui is a simple http server. serverhuwenhui is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16101 | 1 Serverwg Project | 1 Serverwg | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| serverwg is a simple http server. serverwg is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16100 | 1 Dns-sync Project | 1 Dns-sync | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| dns-sync is a sync/blocking dns resolver. If untrusted user input is allowed into the resolve() method then command injection is possible. | |||||
| CVE-2017-16099 | 1 No-case Project | 1 No-case | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The no-case module is vulnerable to regular expression denial of service. When malicious untrusted user input is passed into no-case it can block the event loop causing a denial of service condition. | |||||
| CVE-2017-16098 | 1 Charset Project | 1 Charset | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| charset 1.0.0 and below are vulnerable to regular expression denial of service. Input of around 50k characters is required for a slow down of around 2 seconds. Unless node was compiled using the -DHTTP_MAX_HEADER_SIZE= option the default header max length is 80kb, so the impact of the ReDoS is relatively low. | |||||
| CVE-2017-16097 | 1 Tiny-http Project | 1 Tiny-http | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16096 | 1 Serveryaozeyan Project | 1 Serveryaozeyan | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| serveryaozeyan is a simple HTTP server. serveryaozeyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16095 | 1 Serverliujiayi1 Project | 1 Serverliujiayi1 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| serverliujiayi1 is a simple http server. serverliujiayi1 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16094 | 1 Iter-http Project | 1 Iter-http | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| iter-http is a server for static files. iter-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16093 | 1 Cyber-js Project | 1 Cyber-js | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| cyber-js is a simple http server. A cyberjs server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||
| CVE-2017-16092 | 1 Sencisho Project | 1 Sencisho | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Sencisho is a simple http server for local development. Sencisho is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16091 | 1 Xtalk Project | 1 Xtalk | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| xtalk helps your browser talk to nodex, a simple web framework. xtalk is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | |||||
| CVE-2017-16090 | 1 Fsk-server Project | 1 Fsk-server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | |||||