Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2017-16148

    serve46 is a static file server. serve46 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : serve46
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16147

    shit-server is a file server. shit-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : shit-server
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16146

    mockserve is a file server. mockserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : mockserve
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16145

    sspa is a server dedicated to single-page apps. sspa is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : sspa
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16144

    myserver.alexcthomas18 is a file server. myserver.alexcthomas18 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : myserver.alexcthomas18
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16143

    commentapp.stetsonwood is an http server. commentapp.stetsonwood is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : commentapp.stetsonwood
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16142

    infraserver is a RESTful server. infraserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : infraserver
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16141

    lab6drewfusbyu is an http server. lab6drewfusbyu is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : lab6drewfusbyu
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16140

    lab6.brit95 is a file server. lab6.brit95 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : lab6.brit95
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16139

    jikes is a file server. jikes is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Accessible files are restricted to files with .htm and .js extensions.... Read more

    Affected Products : jikes
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16138

    The mime module < 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input.... Read more

    Affected Products : mime
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2017-16137

    The debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the o formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue.... Read more

    Affected Products : debug
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16136

    method-override is a module used by the Express.js framework to let you use HTTP verbs such as PUT or DELETE in places where the client doesn't support it. method-override is vulnerable to a regular expression denial of service vulnerability when speciall... Read more

    Affected Products : method-override
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16135

    serverzyy is a static file server. serverzyy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : serverzyy
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16134

    http_static_simple is an http server. http_static_simple is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : http_static_simple
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16133

    goserv is an http server. goserv is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : goserv
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16132

    simple-npm-registry is a local npm package cache. simple-npm-registry is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : simple-npm-registry
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16131

    unicorn-list is a web framework. unicorn-list is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.... Read more

    Affected Products : unicorn-list
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16130

    exxxxxxxxxxx is an Http eX Frame Google Style JavaScript Guide. exxxxxxxxxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Accessible files are restricted to those with a file extens... Read more

    Affected Products : exxxxxxxxxxx
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2017-16129

    The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing ... Read more

    Affected Products : superagent
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293308 Results