|
250991
|
7.5 |
HIGH
Network
|
cuciuci_project
|
cuciuci
|
cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16122
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250992
|
7.5 |
HIGH
Network
|
datachannel-client_project
|
datachannel-client
|
datachannel-client is a signaling implementation for DataChannel.js. datachannel-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in t…
|
CWE-22
Path Traversal
|
CVE-2017-16121
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250993
|
7.5 |
HIGH
Network
|
liyujing_project
|
liyujing
|
liyujing is a static file server. liyujing is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16120
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250994
|
7.5 |
HIGH
Network
|
fresh_project
|
fresh
|
Fresh is a module used by the Express.js framework for HTTP response freshness testing. It is vulnerable to a regular expression denial of service when it is passed specially crafted input to parse. …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16119
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250995
|
7.5 |
HIGH
Network
|
forwarded_project
|
forwarded
|
The forwarded module is used by the Express.js framework to handle the X-Forwarded-For header. It is vulnerable to a regular expression denial of service when it's passed specially crafted input to p…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16118
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250996
|
7.5 |
HIGH
Network
|
slug_project
|
slug
|
slug is a module to slugify strings, even if they contain unicode. slug is vulnerable to regular expression denial of service is specially crafted untrusted input is passed as input. About 50k charac…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16117
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250997
|
7.5 |
HIGH
Network
|
string_project
|
string
|
The string module is a module that provides extra string operations. The string module is vulnerable to regular expression denial of service when specifically crafted untrusted user input is passed i…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16116
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250998
|
7.5 |
HIGH
Network
|
timespan_project
|
timespan
|
The timespan module is vulnerable to regular expression denial of service. Given 50k characters of untrusted user input it will block the event loop for around 10 seconds.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16115
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250999
|
7.5 |
HIGH
Network
|
marked_project
|
marked
|
The marked module is vulnerable to a regular expression denial of service. Based on the information published in the public issue, 1k characters can block for around 6 seconds.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16114
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251000
|
7.5 |
HIGH
Network
|
parsejson_project
|
parsejson
|
The parsejson module is vulnerable to regular expression denial of service when untrusted user input is passed into it to be parsed.
|
CWE-20
Improper Input Validation
|
CVE-2017-16113
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
