48 matches found
CVE-2025-15604
creationtimestamp| type| source ---|---|--- 2026-03-28 19:31:19+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mi5eoqsdgs2a 2026-03-28 20:00:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mi5gc7enog22 2026-03-29 10:54:35+00:00| seen|...
CVE-2025-15604
Summary (CVE-2025-15604) Amon2 for Perl with vulnerable random_string implementation affects versions before 6.17. In 6.06–6.16, random_string reads /dev/urandom if available; if not, it falls back to a SHA-1 hash seeded with rand(), the PID, and the high-resolution epoch time. The epoch time can...
Ubuntu: Security Advisory (USN-6380-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect the configuration editor used by IBM Business Automation Workflow and IBM Business Process Manager (BPM)
Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Automation Workflow and IBM BPM include a stand-alone tool for editing configuration properties files that is based on IBM SDK for Node.js. Vulnerability Details CVEID:CVE-2019-15606 DESCRIPTION: Node.js cou...
Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management
Summary There are vulnerabilities in Node.js used by IBM® Cloud App Management. IBM® Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID:CVE-2019-15604 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by improper certificate...
Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control (CVE-2019-15606, CVE-2019-15604, CVE-2019-15605)
Summary Node.js is vulnerable to security bypass, denial of service and HTTP request smuggling. These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue whe...
Mageia: Security Advisory (MGASA-2020-0372)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0488-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0427-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM DataPower Gateway affected by multiple CVEs in Node.js
Summary IBM has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP header values do not have trailing OWS trimmed. By sending a specially-crafted request, an...
SUSE: Security Advisory (SUSE-SU-2020:0455-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0454-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Elastic Kibana < 6.8.7, 7.x < 7.6.1 Multiple Vulnerabilities in Node.js (ESA-2020-01) - Linux
Kibana is prone to multiple vulnerabilities in the shipped 3rdparty Node.js component. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Pak for Data - Node.js (CVE-2019-15606, CVE-2019-15604, CVE-2019-15605)
Summary Security Vulnerabilities affect IBM Cloud Pak for Data - Node.js CVE-2019-15606, CVE-2019-15604, CVE-2019-15605 Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP header values do not...
JVN#60093979: Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products
Active Update function implemented in Premium Security 2019 for Windows v15, Maximum Security 2019 for Windows v15, Internet Security 2019 for Windows v15 and Antivirus+ 2019 for Windows v15 provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. Update files are not...
Security Bulletin: IBM Cloud Transformation Advisor is affected by multiple Node.js vulnerabilities.
Summary IBM Cloud Transformation Advisor has addressed multiple Node.js vulnerabilities. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP header values do not have trailing OWS trimmed. By...
Oracle Linux 8 : nodejs:12 (ELSA-2020-0598)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0598 advisory. nodejs 1:12.16.1-1 - Resolves: RHBZ1800393, RHBZ1800394, RHBZ1800380 - Rebase to 12.16.1 nodejs-nodemon nodejs-packaging Tenable has extracted the...
Security Bulletin: IBM Event Streams is affected by multiple Node.js vulnerabilities
Summary IBM Event Streams is affected by the following vulnerabilities in the included Node.js runtime shipped. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP header values do not have...
[SECURITY] [DSA 4669-1] nodejs security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4669-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 29, 2020 https://www.debian.org/security/faq -...
Security Bulletin: Version 10.16.3 of Node.js included in IBM Cloud Event Management 2.5.0 has several security vulnerabilities.
Summary Security Bulletin: Version 10.16.3 of Node.js included in IBM Cloud Event Management 2.5.0 has several security vulnerabilities. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP...