Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-16036
`badjs-sourcemap-server` receives files sent by `badjs-sourcemap`. `badjs-sourcemap-server` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Badjs-sourcemap-server Project Badjs-sourcemap-server
4
CVSSv2
CVE-2018-3713
angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path.
Angular-http-server Project Angular-http-server
7.5
CVSSv2
CVE-2018-10387
Heap-based overflow vulnerability in TFTP Server SP 1.66 and previous versions allows remote malicious users to perform a denial of service or possibly execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2008-2161.
Open Tftp Server Project Open Tftp Server
7.5
CVSSv2
CVE-2018-10388
Format string vulnerability in the logMess function in TFTP Server SP 1.66 and previous versions allows remote malicious users to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet.
Open Tftp Server Project Open Tftp Server
7.5
CVSSv2
CVE-2018-10389
Format string vulnerability in the logMess function in TFTP Server MT 1.65 and previous versions allows remote malicious users to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet.
Open Tftp Server Project Open Tftp Server
NA
CVE-2023-26104
All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
Lite-web-server Project Lite-web-server -
5
CVSSv2
CVE-2020-35857
An issue exists in the trust-dns-server crate prior to 0.18.1 for Rust. DNS MX and SRV null targets are mishandled, causing stack consumption.
Trust-dns-server Project Trust-dns-server
7.5
CVSSv2
CVE-2022-27240
scheme/webauthn.c in Glewlwyd SSO server 2.x prior to 2.6.2 has a buffer overflow associated with a webauthn assertion.
Glewlwyd Sso Server Project Glewlwyd Sso Server
5
CVSSv2
CVE-2020-7683
This affects all versions of package rollup-plugin-server. There is no path sanitization in readFile operation performed inside the readFileFromContentBase function.
Rollup-plugin-server Project Rollup-plugin-server
5
CVSSv2
CVE-2017-16124
node-server-forfront is a simple static file server. node-server-forfront is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Node-server-forfront Project Node-server-forfront
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »