Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lite vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-12473
ccnl_ccntlv_bytes2pkt in CCN-lite allows context-dependent malicious users to cause a denial of service (application crash) via vectors involving packets with "wrong L values."
Ccn-lite Ccn-lite
NA
CVE-2023-28418
Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Yudlee themes Mediciti Lite theme <= 1.3.0 versions.
Mediciti Lite Project Mediciti Lite
NA
CVE-2022-21192
All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join().
Serve-lite Project Serve-lite
NA
CVE-2022-25847
All versions of the package serve-lite are vulnerable to Cross-site Scripting (XSS) because when it detects a request to a directory, it renders a file listing of all of its contents with links that include the actual file names without any sanitization or output encoding.
Serve-lite Project Serve-lite
NA
CVE-2022-25940
All versions of package lite-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
Lite-server Project Lite-server -
7.5
CVSSv2
CVE-2007-1984
PHP remote file inclusion vulnerability in index.php in lite-cms 0.2.1 allows remote malicious users to execute arbitrary PHP code via a URL in the inc parameter.
Lite-cms Lite-cms 0.2.1
7.5
CVSSv2
CVE-2018-6953
In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain component's length field matches the actual component length, which has a resultant buffer overflow and out-of-bounds memory accesses.
Ccn-lite Ccn-lite 2.0.0
4.3
CVSSv2
CVE-2016-10535
csrf-lite is a cross-site request forgery protection library for framework-less node sites. csrf-lite uses `===`, a fail first string comparison, instead of a time constant string comparison This enables an malicious user to guess the secret in no more than (16*18)288 guesses, in...
Csrf-lite Project Csrf-lite
6.8
CVSSv2
CVE-2018-6480
A type confusion issue exists in CCN-lite 2, leading to a memory access violation and a failure of the nonce feature (which, for example, helped with loop prevention). ccnl_fwd_handleInterest assumes that the union member s is of type ccnl_pktdetail_ndntlv_s. However, if the type...
Ccn-lite Ccn-lite 2.0.0
7.5
CVSSv2
CVE-2018-6948
In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a buffer overflow, when writing a prefix to the buffer buf. The maximal size of the prefix is CCNL_MAX_PREFIX_SIZE; the buffer has the size CCNL_MAX_PREFIX_SIZE. However, when NFN is enabled, additional characters ...
Ccn-lite Ccn-lite 2.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »