CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-7703

Malicious code in bioql PyPI...

7.5CVSS5.8AI score0.00458EPSS

Exploits1References5

RedhatCVE•added 2025/05/22 5:37 p.m.•3 views

CVE-2020-36629

A vulnerability classified as critical was found in SimbCo httpster. This vulnerability affects the function fs.realpathSync of the file src/server.coffee. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. The name of the patch is...

7.5CVSS6.8AI score0.00458EPSS

Exploits1

Veracode•added 2023/01/05 12:23 p.m.•20 views

Path Traversal

httpster is vulnerable to path traversal. The vulnerability exists in server.js because it accesses files and directories that are stored outside the intended folder, which allows an attacker to access arbitrary files and directories stored...

7.5CVSS7.3AI score0.00458EPSS

Exploits1References4Affected Software1

Github Security Blog•added 2022/12/25 12:30 p.m.•14 views

SimbCo httpster vulnerable to Path Traversal

7.5CVSS7.4AI score0.00458EPSS

Exploits1References5Affected Software1

vulnersOsv•added 2022/12/25 12:30 p.m.•2 views

@github1/protractor-axe-html-report-plugin (>=1.1.2 <=1.1.3), protractor-axe-html-report-plugin (>=0.0.1 <=1.1.1) +1 more potentially affected by CVE-2020-36629 via httpster (=1.0.3)

httpster NPM version =1.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on httpster and may be impacted: - @github1/protractor-axe-html-report-plugin =1.1.2, =0.0.1, =1.0.0, =2.1.0 Source cves: CVE-2020-36629 Source advisory: OSV:GHSA-P8J8-WXVP-H695...

7.5CVSS6.3AI score0.00458EPSS

Exploits1

OSV•added 2022/12/25 12:30 p.m.•15 views

GHSA-P8J8-WXVP-H695 SimbCo httpster vulnerable to Path Traversal

7.5CVSS6.4AI score0.00458EPSS

Exploits1References5

OSV•added 2022/12/25 11:15 a.m.•12 views

CVE-2020-36629

7.5CVSS7.7AI score

Exploits0References3

NVD•added 2022/12/25 11:15 a.m.•8 views

CVE-2020-36629

7.5CVSS0.00458EPSS

Exploits1References3

Prion•added 2022/12/25 11:15 a.m.•7 views

Path traversal

5CVSS7.6AI score0.00458EPSS

Exploits1References3Affected Software1

Cvelist•added 2022/12/25 10:20 a.m.•12 views

CVE-2020-36629 SimbCo httpster server.coffee fs.realpathSync path traversal

5.5CVSS7.6AI score0.00458EPSS

Exploits1References3

CVE•added 2022/12/25 10:20 a.m.•52 views

CVE-2020-36629

CVE-2020-36629 affects SimbCo httpster (fs.realpathSync in src/server.coffee), enabling path traversal. Exploit has been disclosed publicly. Patch d3055b3e30b40b65d30c5a06d6e053dffa7f35d0 is available and should be applied to fix. CVSSv3.1 base score 7.5 (HIGH) per NVD.

7.5CVSS6.5AI score0.00458EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2022/12/25 10:20 a.m.•3 views

CVE-2020-36629 SimbCo httpster server.coffee fs.realpathSync path traversal

5.5CVSS7.6AI score0.00458EPSS

Exploits1References3

CNNVD•added 2022/12/25 12:0 a.m.•1 views

httpster 路径遍历漏洞

httpster is a SimbCo open source simple http server for fast content loading. A path traversal vulnerability exists in httpster, which stems from a problem with the function fs.realpathSync in the file src/server.coffee, which can lead to path traversal...

7.5CVSS6.1AI score0.00458EPSS

Exploits1References3

Huntr•added 2020/08/14 12:0 a.m.•9 views

Path Traversal in simbco/httpster

Description I would like to report a Path Traversal vulnerability in the httpster module. It allows an attacker to read system files via a Path Traversal vulnerability. With a symbolically linked file in the working directory, it is possible to read arbitrary files outside of the web root...

1.5AI score

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by