19 matches found
CVE-2022-27209
A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
BELL-CVE-2025-27209 CVE-2025-27209 does not affect BellSoft software
Bulletin has no description...
CVE-2025-27209
A flaw was found in nodejs. The V8 component’s rapidhash implementation introduces a HashDoS vulnerability, allowing an attacker who can control the strings being hashed to trigger excessive CPU usage by generating numerous hash collisions. This exploitation vector results in an application level...
CVE-2025-27209
The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even witho...
CVE-2025-27209
The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even witho...
Node.js 24.x < 24.4.1 HashDoS Vulnerability - Windows
Node.js is prone to a HashDoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...
Node.js 24.x < 24.4.1 HashDoS Vulnerability - Mac OS X
Node.js is prone to a HashDoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...
CVE-2025-27209
creationtimestamp | type | source
---|---|---
2025-07-16 20:41:28+00:00 | seen | https://bsky.app/profile/getpokemon7.bsky.social/post/3lu4bpfj2nk24
2025-07-16 20:48:52+00:00 | seen | https://bsky.app/profile/getpokemon7.bsky.social/post/3lu4c4i4mu224
2025-07-18 01:20:47+00:00 | seen | ...
Node.js 20.x < 20.19.4 / 22.x < 22.17.1 / 24.x < 24.4.1 Multiple Vulnerabilities (Tuesday, July 15, 2025 Security Releases).
The version of Node.js installed on the remote host is prior to 20.19.4, 22.17.1, 24.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the Tuesday, July 15, 2025 Security Releases advisory. - The V8 release used in Node.js v24.0.0 has changed how string hashes are...
sssd security and bug fix update
2.9.4-6.0.1 - Restore default debug level for ssscache Orabug: 32810448 2.9.4-6 - Resolves: RHEL-27209 - Race condition during authorization leads to GPO policies functioning inconsistently rhel-9.4.0 2.9.4-5 - Resolves: RHEL-28161 - Passkey cannot fall back to password 2.9.4-4 - Resolves:...
CVE-2024-27209
there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-27209
CVE-2024-27209 corresponds to a local elevation-of-privilege issue described as a possible out-of-bounds write caused by a heap buffer overflow. Public sources indicate this vulnerability affects Google Pixel/Android modem components and can be exploited with no user interaction to achieve privil...
org.jenkins-ci.plugins:azure-acs (>=0.1.0 <=0.2.4), org.jenkins-ci.plugins:azure-dev-spaces (>=3.0.0 <=3.0.3) potentially affected by CVE-2022-27209 via org.jenkins-ci.plugins:kubernetes-cd (>=0.1.0 <=0.2.3)
org.jenkins-ci.plugins:kubernetes-cd MAVEN version =0.1.0, =0.1.0, =3.0.0, =3.0.3 Source cves: CVE-2022-27209 Source advisory: OSV:GHSA-23X5-J68G-6JPW...
CVE-2022-27209
A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2022-27209
CVE-2022-27209 : Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier is affected by a missing permission check on HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs stored in Jenkins, exposing credential identifiers. Root cause: inadequate ac...
CVE-2020-27209
CVE-2020-27209 affects the micro-ecc library (v1.0) ECDSA; the ECDSA operation is vulnerable to simple power analysis, enabling an attacker to extract the private ECC key. Consequences: Confidentiality impact (private key exposure) as documented. No remediation specifics (patch/version) are provi...
CVE-2021-27209
creationtimestamp | type | source
---|---|---
2021-02-13 07:44:08+00:00 | seen | https://t.me/cibsecurity/23574...
CVE-2021-27209
In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a base64 format over cleartext HTTP...
CVE-2021-27209
CVE-2021-27209 affects TP-Link Archer C5v 1.7_181221 devices where the management interface transmits credentials encoded in base64 over cleartext HTTP. The root cause is insecure transmission of authentication data in the management UI, enabling potential eavesdropping or credential exposure if ...