|
250741
|
9.1 |
CRITICAL
Network
|
beckhoff
|
twincat
|
Beckhoff TwinCAT supports communication over ADS. ADS is a protocol for industrial automation in protected environments. ADS has not been designed to achieve security purposes and therefore does not …
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-16726
|
2024-11-21 12:16 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250742
|
5.9 |
MEDIUM
Network
|
beckhoff
|
twincat
|
Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation in protected environments. This protocol uses user configured routes, that can be edited remotely via A…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2017-16718
|
2024-11-21 12:16 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250743
|
6.1 |
MEDIUM
Network
|
sensiolabs
debian
|
symfony
debian_linux
|
An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler t…
|
CWE-601
Open Redirect
|
CVE-2017-16652
|
2024-11-21 12:16 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250744
|
9.8 |
CRITICAL
Network
|
static-eval_project
|
static-eval
|
The static-eval module is intended to evaluate statically-analyzable expressions. In affected versions, untrusted user input is able to access the global function constructor, effectively allowing ar…
|
CWE-20
Improper Input Validation
|
CVE-2017-16226
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250745
|
7.5 |
HIGH
Network
|
aegir_project
|
aegir
|
aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm the user (that performed a aegir-release) GitHub token.
|
CWE-200
Information Exposure
|
CVE-2017-16225
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250746
|
7.5 |
HIGH
Network
|
nodeaaaaa_project
|
nodeaaaaa
|
nodeaaaaa is a static file server. nodeaaaaa is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16223
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250747
|
5.3 |
MEDIUM
Network
|
elding_project
|
elding
|
elding is a simple web server. elding is vulnerable to a directory traversal issue, allowing an attacker to access the filesystem by placing "../" in the url. The files accessible, however, are limit…
|
CWE-22
Path Traversal
|
CVE-2017-16222
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250748
|
7.5 |
HIGH
Network
|
yzt_project
|
yzt
|
yzt is a simple file server. yzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16221
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250749
|
7.5 |
HIGH
Network
|
wind-mvc_project
|
wind-mvc
|
wind-mvc is an mvc framework. wind-mvc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16220
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250750
|
7.5 |
HIGH
Network
|
yttivy_project
|
yttivy
|
yttivy is a static file server. yttivy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16219
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
