Lucene search
+L

72 matches found

rocky
rocky
added yesterday6 views

nodejs:24 security, bug fix, and enhancement update

An update is available for nodejs, module.nodejs, nodejs-packaging, nodejs-nodemon, module.nodejs-packaging, module.nodejs-nodemon. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS6.5AI score0.02806EPSS
Exploits1
redhat
redhat
added 2026/07/06 3:7 p.m.8 views

Important: Red Hat Security Advisory: nodejs:22 security, bug fix, and enhancement update

An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.5AI score0.02806EPSS
Exploits1References15
almalinux
almalinux
added 2026/07/06 12:0 a.m.5 views

Important: nodejs:24 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input CVE-2026-42338 undici: undici: Denial of Service due to...

9.8CVSS6.5AI score0.02806EPSS
Exploits1References32
cgr
cgr
added 2026/06/23 8:16 a.m.10 views

CVE-2026-12151 vulnerabilities

Vulnerabilities for packages: code-server, prism, saf, renovate, vitess, node-gyp, npm, actions-runner, gemini-cli, py3-captum, pelias-api, kibana, haraka...

7.5CVSS7AI score0.00789EPSS
Exploits0
wolfi
wolfi
added 2026/06/22 8:20 p.m.11 views

CVE-2026-12151 vulnerabilities

Vulnerabilities for packages: vitess, npm, renovate, node-gyp, saf, code-server, prism...

7.5CVSS7AI score0.00789EPSS
Exploits0
nessus
nessus
added 2026/06/20 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-12151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: The undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of...

7.5CVSS7AI score0.00789EPSS
Exploits0References4
osv
osv
added 2026/06/17 5:16 p.m.7 views

DEBIAN-CVE-2026-12151

Impact: The undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of fragments. A malicious WebSocket server can stream many small or empty continuation frames that each pass per-frame and cumulative-size...

7.5CVSS5.3AI score0.00789EPSS
Exploits0References1
circl
circl
added 2026/06/17 4:12 p.m.10 views

CVE-2026-12151

creationtimestamp| type| source ---|---|--- 2026-06-17 16:12:44+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3moipe7e5is2g 2026-06-17 18:55:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moiyi3y4jq27 2026-06-18 15:59:01+00:00| seen|...

7.5CVSS5.8AI score0.00789EPSS
Exploits0References5
cve
cve
added 2026/06/17 4:5 p.m.199 views

CVE-2026-12151

The CVE affects the undici WebSocket client (and WebSocketStream API) where maxPayloadSize is enforced per-frame but there is no limit on the number of fragments in a message. A malicious server can send many small or empty continuation frames, each passing validation, causing unbounded memory gr...

7.5CVSS5.3AI score0.00789EPSS
Exploits0References17Affected Software1
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-6555

Malware in sbrugna...

7.4CVSS7.3AI score0.01715EPSS
Exploits0References5
redhatcve
redhatcve
added 2025/05/23 6:48 a.m.9 views

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

5CVSS6.8AI score0.00268EPSS
Exploits0References1
osv
osv
added 2024/12/04 6:15 p.m.4 views

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

5CVSS5.8AI score0.00268EPSS
Exploits0References1
circl
circl
added 2024/12/04 5:42 p.m.8 views

CVE-2024-12151

creationtimestamp| type| source ---|---|--- 2024-12-04 17:42:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113595787225996422 2024-12-04 20:06:41+00:00| seen| https://t.me/cvedetector/12024...

5CVSS4.8AI score0.00268EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/12/04 5:17 p.m.20 views

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

6.8AI score0.00268EPSS
Exploits0References1
cve
cve
added 2024/12/04 5:17 p.m.58 views

CVE-2024-12151

CVE-2024-12151 affects Devolutions Server (versions 2024.3.8.0 and earlier) due to an incorrect permission assignment in the User Migration feature, allowing users to retain their old permission sets. The vulnerable component is the User Migration feature; root cause: incorrect permission handlin...

5CVSS6.9AI score0.00268EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2024/06/03 12:0 a.m.23 views

RHEL 6 : samba4 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - samba: SMB2 connections don't keep encryption across DFS redirects CVE-2017-12151 - smbd in Samba before...

7.4CVSS7.4AI score0.04595EPSS
Exploits1References2
intel
intel
added 2023/03/10 12:0 a.m.25 views

Intel® Extreme Tuning Utility Advisory

Summary: Potential security vulnerabilities in Intel® Extreme Tuning Utility may allow privilege escalation or information disclosure. Intel is releasing Intel® Extreme Tuning Utility updates to mitigate these potential vulnerabilities. Vulnerability Details CVEID: CVE-2018-12150 Description:...

6.7CVSS6.6AI score0.00377EPSS
Exploits2
susecve
susecve
added 2023/02/15 4:42 a.m.3 views

SUSE CVE-2017-12151

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the...

8CVSS6.5AI score0.04595EPSS
Exploits0References9
susecve
susecve
added 2023/02/15 4:38 a.m.3 views

SUSE CVE-2017-15086

It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6...

7.4CVSS9.2AI score0.01715EPSS
Exploits0References3
openvas
openvas
added 2022/04/21 12:0 a.m.18 views

Slackware: Security Advisory (SSA:2017-263-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS6.7AI score0.13334EPSS
Exploits0References5
Rows per page
Query Builder