Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-04 CVE-2017-16044 Information Exposure vulnerability in D3.Js Project D3.Js
`d3.js` was a malicious module published with the intent to hijack environment variables.
network
low complexity
d3-js-project CWE-200
7.5
2018-06-04 CVE-2017-16040 Cleartext Transmission of Sensitive Information vulnerability in Gfe-Sass Project Gfe-Sass
gfe-sass is a library for promises (CommonJS/Promises/A,B,D) gfe-sass downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
network
high complexity
gfe-sass-project CWE-319
8.1
2018-06-04 CVE-2017-16039 Path Traversal vulnerability in Hftp Project Hftp
`hftp` is a static http or ftp server `hftp` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
network
low complexity
hftp-project CWE-22
7.5
2018-06-04 CVE-2017-16038 Path Traversal vulnerability in F2E-Server Project F2E-Server
`f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
network
low complexity
f2e-server-project CWE-22
7.5
2018-06-04 CVE-2017-16037 Path Traversal vulnerability in Gomeplus-H5-Proxy Project Gomeplus-H5-Proxy
`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL.
network
low complexity
gomeplus-h5-proxy-project CWE-22
7.5
2018-06-04 CVE-2017-16036 Path Traversal vulnerability in Badjs-Sourcemap-Server Project Badjs-Sourcemap-Server
`badjs-sourcemap-server` receives files sent by `badjs-sourcemap`.
network
low complexity
badjs-sourcemap-server-project CWE-22
7.5
2018-06-04 CVE-2017-16035 Cleartext Transmission of Sensitive Information vulnerability in Hubspot Hubl-Server
The hubl-server module is a wrapper for the HubL Development Server.
network
high complexity
hubspot CWE-319
8.1
2018-06-04 CVE-2017-16031 Use of Insufficiently Random Values vulnerability in Socket Socket.Io
Socket.io is a realtime application framework that provides communication via websockets.
network
low complexity
socket CWE-330
7.5
2018-06-04 CVE-2017-16030 Unspecified vulnerability in Useragent Project Useragent
Useragent is used to parse useragent headers.
network
low complexity
useragent-project
7.5
2018-06-04 CVE-2017-16029 Path Traversal vulnerability in Hostr Project Hostr
hostr is a simple web server that serves up the contents of the current directory.
network
low complexity
hostr-project CWE-22
7.5