Lucene search
K

61 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.12 views

Alibaba Cloud Linux 3 : 0016: nodejs:14 (ALINUX3-SA-2021:0016)

"The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0016 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-15366: An issue was discovered i...

9.8CVSS7.2AI score0.69062EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.41 views

Rocky Linux 8 : nodejs:12 (RLSA-2021:0549)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0549 advisory. - The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker...

9.8CVSS7.1AI score0.16296EPSS
Exploits8References14
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.35 views

Rocky Linux 8 : nodejs:14 (RLSA-2021:0551)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0551 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...

9.8CVSS7.4AI score0.69062EPSS
Exploits6References15
OpenVAS
OpenVAS
added 2023/09/20 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-6380-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.57132EPSS
Exploits6References2
OSV
OSV
added 2023/08/31 12:15 p.m.2 views

BELL-CVE-2020-8265 CVE-2020-8265 does not affect BellSoft software

Bulletin has no description...

8.1CVSS5.8AI score0.09009EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2022/09/15 12:0 a.m.48 views

RHEL 7 : rh-nodejs12-nodejs (RHSA-2021:0485)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0485 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.2AI score0.16296EPSS
Exploits8References16
ICS
ICS
added 2022/08/30 12:0 a.m.56 views

Hitachi Energy Gateway Station (GWS) Product

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station GWS Product Vulnerability: Inconsistent Interpretation of HTTP Requests, Use After Free, Classic Buffer Overflow, Integer Underflow, Improper Certificate...

4.3CVSS7.9AI score0.04803EPSS
Exploits0References5
ICS
ICS
added 2022/03/08 12:0 a.m.128 views

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

9.8CVSS8.4AI score0.21952EPSS
Exploits1References11
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/02 10:3 p.m.45 views

Security Bulletin: IBM Cloud Private is vulnerable to OpenSSL and Node.js vulnerabilities (CVE-2020-1971, CVE-2020-8287, CVE-2020-8265)

Summary IBM Cloud Private is vulnerable to OpenSSL and Node.js vulnerabilities Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain an EDIPARTYNAME, an attacker could...

8.1CVSS0.5AI score0.16296EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/08/16 3:5 p.m.38 views

Security Bulletin: Vulnerabilities in Node.js in IBM DataPower Gateway

Summary IBM has addressed the following CVEs: CVE-2020-8287, CVE-2020-8265 Vulnerability Details CVEID: CVE-2020-8287 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling. By sending specially crafted HTTP request headers, an attacker could exploit this vulnerability to poison the web...

8.1CVSS7.3AI score0.16296EPSS
Exploits3Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/30 9:10 p.m.41 views

Security Bulletin: Potential vulnerability with Node.js

Summary A potential vulnerability has been identified related to Node.js. Refer to details for additional information. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain...

8.1CVSS6.6AI score0.16296EPSS
Exploits6Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2021:0061-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.54164EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2021:0082-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.16296EPSS
Exploits6References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2021:0107-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.5AI score0.16296EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.46 views

SUSE: Security Advisory (SUSE-SU-2021:0068-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.16296EPSS
Exploits6References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2021:0062-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7AI score0.54164EPSS
Exploits6References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/05 11:54 a.m.29 views

Security Bulletin: IBM Integration Bus & IBM App Connect Enterprise V11 are affected by vulnerabilities in Node.js (CVE-2020-8265)

Summary IBM Integration Bus & IBM App Connect Enterprise V11 ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2020-8265 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by a...

8.1CVSS0.9AI score0.09009EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/29 11:3 a.m.57 views

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to multiple denial of service and HTTP request smuggling vulnerabilities

Summary App Connect Enterprise flows may be susceptible to denial of service attacks due to CVE-2020-1971 and CVE-2020-8265 in the Node.js runtime, and all components may be vulnerable to HTTP request smuggling due to CVE-2020-8287. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL ...

8.1CVSS0.7AI score0.16296EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/19 12:56 p.m.42 views

Security Bulletin: Multiple vulnerabilites in Node.js affect IBM Integration Bus & IBM App Connect Enterprise V11

Summary IBM Integration Bus & IBM App Connect Enterprise V11 ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a...

8.1CVSS1AI score0.16296EPSS
Exploits6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2021:0060-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.2AI score0.16296EPSS
Exploits6References7
Rows per page
Query Builder