Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lite vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-12473
ccnl_ccntlv_bytes2pkt in CCN-lite allows context-dependent malicious users to cause a denial of service (application crash) via vectors involving packets with "wrong L values."
Ccn-lite Ccn-lite
7.5
CVSSv2
CVE-2018-12889
An issue exists in CCN-lite 2.0.1. There is a heap-based buffer overflow in mkAddToRelayCacheRequest and in ccnl_populate_cache for an array lacking '\0' termination when reading a binary CCNx or NDN file. This can result in Heap Corruption. This was addressed by fixing...
Ccn-lite Ccn-lite 2.0.1
7.5
CVSSv2
CVE-2007-1984
PHP remote file inclusion vulnerability in index.php in lite-cms 0.2.1 allows remote malicious users to execute arbitrary PHP code via a URL in the inc parameter.
Lite-cms Lite-cms 0.2.1
6.8
CVSSv2
CVE-2018-6480
A type confusion issue exists in CCN-lite 2, leading to a memory access violation and a failure of the nonce feature (which, for example, helped with loop prevention). ccnl_fwd_handleInterest assumes that the union member s is of type ccnl_pktdetail_ndntlv_s. However, if the type...
Ccn-lite Ccn-lite 2.0.0
NA
CVE-2023-28418
Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Yudlee themes Mediciti Lite theme <= 1.3.0 versions.
Mediciti Lite Project Mediciti Lite
NA
CVE-2022-21192
All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join().
Serve-lite Project Serve-lite
7.5
CVSSv2
CVE-2018-6953
In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain component's length field matches the actual component length, which has a resultant buffer overflow and out-of-bounds memory accesses.
Ccn-lite Ccn-lite 2.0.0
NA
CVE-2022-25940
All versions of package lite-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
Lite-server Project Lite-server -
NA
CVE-2022-25847
All versions of the package serve-lite are vulnerable to Cross-site Scripting (XSS) because when it detects a request to a directory, it renders a file listing of all of its contents with links that include the actual file names without any sanitization or output encoding.
Serve-lite Project Serve-lite
7.5
CVSSv2
CVE-2018-7039
CCN-lite 2.0.0 Beta allows remote malicious users to cause a denial of service (buffer overflow) or possibly have unspecified other impact because the ccnl_ndntlv_prependBlob function in ccnl-pkt-ndntlv.c can be called with wrong arguments. Specifically, there is an incorrect int...
Ccn-lite Ccn-lite 2.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »