Lista CVE - 2018 / Giugno
Visualizzazione 401 - 500 di 1783 CVE per Giugno 2018 (Pagina 5 di 18)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2017-16076 | 2018-06-07 | proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |
| CVE-2017-16077 | 2018-06-07 | mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |
| CVE-2017-16078 | 2018-06-07 | shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |
| CVE-2017-16079 | 2018-06-07 | smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |
| CVE-2017-16080 | 2018-06-07 | nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |
| CVE-2017-16081 | 2018-06-07 | cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |
| CVE-2017-16082 | 2018-06-07 | A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which... |
| CVE-2017-16083 | 2018-06-07 | node-simple-router is a minimalistic router for Node. node-simple-router is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. |
| CVE-2017-16084 | 2018-06-07 | list-n-stream is a server for static files to list and stream local videos. list-n-stream v0.0.10 or lower is vulnerable to a directory traversal issue, giving an attacker access to the... |
| CVE-2017-16085 | 2018-06-07 | tinyserver2 is a webserver for static files. tinyserver2 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. |
| CVE-2017-16086 | 2018-06-07 | ua-parser is a port of Browserscope's user agent parser. ua-parser is vulnerable to a ReDoS (Regular Expression Denial of Service) attack when given a specially crafted UserAgent header. |
| CVE-2017-16088 | 2018-06-07 | The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of... |
| CVE-2017-16089 | 2018-06-07 | serverlyr is a simple http server. serverlyr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. |
| CVE-2017-16090 | 2018-06-07 | fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16091 | 2018-06-07 | xtalk helps your browser talk to nodex, a simple web framework. xtalk is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in... |
| CVE-2017-16092 | 2018-06-07 | Sencisho is a simple http server for local development. Sencisho is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. |
| CVE-2017-16093 | 2018-06-07 | cyber-js is a simple http server. A cyberjs server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16094 | 2018-06-07 | iter-http is a server for static files. iter-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16095 | 2018-06-07 | serverliujiayi1 is a simple http server. serverliujiayi1 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. |
| CVE-2017-16096 | 2018-06-07 | serveryaozeyan is a simple HTTP server. serveryaozeyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. |
| CVE-2017-16097 | 2018-06-07 | tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16098 | 2018-06-07 | charset 1.0.0 and below are vulnerable to regular expression denial of service. Input of around 50k characters is required for a slow down of around 2 seconds. Unless node was... |
| CVE-2017-16099 | 2018-06-07 | The no-case module is vulnerable to regular expression denial of service. When malicious untrusted user input is passed into no-case it can block the event loop causing a denial of... |
| CVE-2017-16100 | 2018-06-07 | dns-sync is a sync/blocking dns resolver. If untrusted user input is allowed into the resolve() method then command injection is possible. |
| CVE-2017-16101 | 2018-06-07 | serverwg is a simple http server. serverwg is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. |
| CVE-2017-16102 | 2018-06-07 | serverhuwenhui is a simple http server. serverhuwenhui is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. |
| CVE-2017-16103 | 2018-06-07 | serveryztyzt is a simple http server. serveryztyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. |
| CVE-2017-16104 | 2018-06-07 | citypredict.whauwiller is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16105 | 2018-06-07 | serverwzl is a simple http server. serverwzl is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. |
| CVE-2017-16106 | 2018-06-07 | tmock is a static file server. tmock is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16107 | 2018-06-07 | pooledwebsocket is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16108 | 2018-06-07 | gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16109 | 2018-06-07 | easyquick is a simple web server. easyquick is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Access is constrained,... |
| CVE-2017-16110 | 2018-06-07 | weather.swlyons is a simple web server for weather updates. weather.swlyons is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16111 | 2018-06-07 | The content module is a module to parse HTTP Content-* headers. It is used by the hapijs framework to provide this functionality. The module is vulnerable to regular expression denial... |
| CVE-2017-16113 | 2018-06-07 | The parsejson module is vulnerable to regular expression denial of service when untrusted user input is passed into it to be parsed. |
| CVE-2017-16114 | 2018-06-07 | The marked module is vulnerable to a regular expression denial of service. Based on the information published in the public issue, 1k characters can block for around 6 seconds. |
| CVE-2017-16115 | 2018-06-07 | The timespan module is vulnerable to regular expression denial of service. Given 50k characters of untrusted user input it will block the event loop for around 10 seconds. |
| CVE-2017-16116 | 2018-06-07 | The string module is a module that provides extra string operations. The string module is vulnerable to regular expression denial of service when specifically crafted untrusted user input is passed... |
| CVE-2017-16117 | 2018-06-07 | slug is a module to slugify strings, even if they contain unicode. slug is vulnerable to regular expression denial of service is specially crafted untrusted input is passed as input.... |
| CVE-2017-16118 | 2018-06-07 | The forwarded module is used by the Express.js framework to handle the X-Forwarded-For header. It is vulnerable to a regular expression denial of service when it's passed specially crafted input... |
| CVE-2017-16119 | 2018-06-07 | Fresh is a module used by the Express.js framework for HTTP response freshness testing. It is vulnerable to a regular expression denial of service when it is passed specially crafted... |
| CVE-2017-16120 | 2018-06-07 | liyujing is a static file server. liyujing is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16121 | 2018-06-07 | datachannel-client is a signaling implementation for DataChannel.js. datachannel-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16122 | 2018-06-07 | cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16123 | 2018-06-07 | welcomyzt is a simple file server. welcomyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16124 | 2018-06-07 | node-server-forfront is a simple static file server. node-server-forfront is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16125 | 2018-06-07 | rtcmulticonnection-client is a signaling implementation for RTCMultiConnection.js, a multi-session manager. rtcmulticonnection-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the... |
| CVE-2017-16127 | 2018-06-07 | The module pandora-doomsday infects other modules. It's since been unpublished from the registry. |
| CVE-2017-16128 | 2018-06-07 | The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry. |
| CVE-2017-16129 | 2018-06-07 | The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once... |
| CVE-2017-16130 | 2018-06-07 | exxxxxxxxxxx is an Http eX Frame Google Style JavaScript Guide. exxxxxxxxxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the... |
| CVE-2017-16131 | 2018-06-07 | unicorn-list is a web framework. unicorn-list is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16132 | 2018-06-07 | simple-npm-registry is a local npm package cache. simple-npm-registry is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16133 | 2018-06-07 | goserv is an http server. goserv is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16134 | 2018-06-07 | http_static_simple is an http server. http_static_simple is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16135 | 2018-06-07 | serverzyy is a static file server. serverzyy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16136 | 2018-06-07 | method-override is a module used by the Express.js framework to let you use HTTP verbs such as PUT or DELETE in places where the client doesn't support it. method-override is... |
| CVE-2017-16137 | 2018-06-07 | The debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the o formatter. It takes around 50k characters to block for 2... |
| CVE-2017-16138 | 2018-06-07 | The mime module < 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input. |
| CVE-2017-16139 | 2018-06-07 | jikes is a file server. jikes is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Accessible files are restricted... |
| CVE-2017-16140 | 2018-06-07 | lab6.brit95 is a file server. lab6.brit95 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16141 | 2018-06-07 | lab6drewfusbyu is an http server. lab6drewfusbyu is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16142 | 2018-06-07 | infraserver is a RESTful server. infraserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16143 | 2018-06-07 | commentapp.stetsonwood is an http server. commentapp.stetsonwood is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16144 | 2018-06-07 | myserver.alexcthomas18 is a file server. myserver.alexcthomas18 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16145 | 2018-06-07 | sspa is a server dedicated to single-page apps. sspa is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16146 | 2018-06-07 | mockserve is a file server. mockserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16147 | 2018-06-07 | shit-server is a file server. shit-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16148 | 2018-06-07 | serve46 is a static file server. serve46 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16149 | 2018-06-07 | zwserver is a weather web server. zwserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16150 | 2018-06-07 | wanggoujing123 is a simple webserver. wanggoujing123 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16151 | 2018-06-07 | Based on details posted by the ElectronJS team; A remote code execution vulnerability has been discovered in Google Chromium that affects all recent versions of Electron. Any Electron app that... |
| CVE-2017-16152 | 2018-06-07 | static-html-server is a static file server. static-html-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16154 | 2018-06-07 | earlybird is a web server module for early development. earlybird is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16155 | 2018-06-07 | fast-http-cli is the command line interface for fast-http, a simple web server. fast-http-cli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../"... |
| CVE-2017-16156 | 2018-06-07 | myprolyz is a static file server. myprolyz is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16157 | 2018-06-07 | censorify.tanisjr is a simple web server and API RESTful service. censorify.tanisjr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the... |
| CVE-2017-16158 | 2018-06-07 | dcserver is a static file server. dcserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16159 | 2018-06-07 | caolilinode is a simple file server. caolilinode is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16160 | 2018-06-07 | 11xiaoli is a simple file server. 11xiaoli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16161 | 2018-06-07 | shenliru is a simple file server. shenliru is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16162 | 2018-06-07 | 22lixian is a simple file server. 22lixian is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16163 | 2018-06-07 | dylmomo is a simple file server. dylmomo is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16164 | 2018-06-07 | desafio is a simple web server. desafio is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url, but is limited... |
| CVE-2017-16165 | 2018-06-07 | calmquist.static-server is a static file server. calmquist.static-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16166 | 2018-06-07 | byucslabsix is an http server. byucslabsix is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16167 | 2018-06-07 | yyooopack is a simple file server. yyooopack is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16168 | 2018-06-07 | wffserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16169 | 2018-06-07 | looppake is a simple http server. looppake is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16170 | 2018-06-07 | liuyaserver is a static file server. liuyaserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16171 | 2018-06-07 | hcbserver is a static file server. hcbserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16172 | 2018-06-07 | section2.madisonjbrooks12 is a simple web server. section2.madisonjbrooks12 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16173 | 2018-06-07 | utahcityfinder constructs lists of Utah cities with a certain prefix. utahcityfinder is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the... |
| CVE-2017-16174 | 2018-06-07 | whispercast is a file server. whispercast is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16175 | 2018-06-07 | ewgaddis.lab6 is a file server. ewgaddis.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16176 | 2018-06-07 | jansenstuffpleasework is a file server. jansenstuffpleasework is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16177 | 2018-06-07 | chatbyvista is a file server. chatbyvista is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16178 | 2018-06-07 | intsol-package is a file server. intsol-package is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2017-16179 | 2018-06-07 | dasafio is a web server. dasafio is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. File access is restricted... |