Lucene search
K

12 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/27 9:35 a.m.6 views

Security Bulletin: IBM watsonx.data integration (Data Observability) is vulnerable to node-forge-1.3.1.tgz due to CVE-2025-12816 ( CVE number(s) )

Summary An interpretation-conflict CWE-436 vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security...

8.6CVSS6.5AI score0.00689EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2026/03/27 12:0 a.m.3 views

openSUSE Security Advisory (SUSE-SU-2026:1008-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.01535EPSS
Exploits3References8
OpenVAS
OpenVAS
added 2026/03/27 12:0 a.m.5 views

openSUSE Security Advisory (SUSE-SU-2026:1013-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.01535EPSS
Exploits4References24
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.3 views

SUSE SLED15: firewalld-prometheus-config / golang-github-prometheus-alertmanager / etc (SUSE-SU-2026:1008-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1008-1 advisory. golang-github-prometheus-alertmanager, golang-github-prometheus-nodeexporter: - Internal changes...

9.8CVSS7.2AI score0.01535EPSS
Exploits3References16
OpenVAS
OpenVAS
added 2026/02/13 12:0 a.m.2 views

SUSE: Security Advisory (SUSE-SU-2026:20232-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS6.5AI score0.01535EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/05 7:24 p.m.3 views

CVE-2025-12816

A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 Abstract Syntax Notation One structures to desynchronize schema validations, yielding a semantic divergence. Mitigation...

8.7CVSS4.1AI score0.00689EPSS
Exploits1References8
Wolfi
Wolfi
added 2025/12/01 7:48 p.m.4 views

CVE-2025-12816 vulnerabilities

Vulnerabilities for packages: jitsucom-jitsu, kubeflow-centraldashboard, opensearch-dashboards, kubeflow-pipelines, argo-workflows...

8.6CVSS6.9AI score0.00689EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/12/01 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-12816

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An interpretation-conflict CWE-436 vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to...

8.6CVSS6.9AI score0.00689EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2025/11/26 10:7 p.m.8 views

-fides-amor-et-lux (=1.0.0), -tompan-reacttemplate (>=1.0.1 <=1.1.0) +41716 more potentially affected by CVE-2025-12816 via node-forge (>=0.10.0 <=1.3.1)

node-forge NPM version =0.10.0, =1.0.1, =1.1.0 - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 - 06buj9h3su =2.1.0 - 06dre15t8r =2.1.0 - 0726react =0.1.1 - 07fgapmu9l =1.1.0 - 07t2xvu6t4 =2.1.0 - 0850u4lkp...

8.6CVSS6.9AI score0.00689EPSS
Exploits1
OSV
OSV
added 2025/11/25 8:15 p.m.8 views

AZL-71125 CVE-2025-12816 affecting package reaper for versions less than 3.1.1-21

An interpretation-conflict CWE-436 vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions...

8.6CVSS7.2AI score0.00689EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2025/11/25 8:15 p.m.4 views

CVE-2025-12816

An interpretation-conflict CWE-436 vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions...

8.6CVSS6.9AI score0.00689EPSS
Exploits1References7
vulnersOsv
vulnersOsv
added 2025/11/25 7:42 p.m.6 views

-fides-amor-et-lux (=1.0.0), 20_nogo (>=1.0.0 <=1.1.4) +1075 more potentially affected by CVE-2025-12816 via node-forge (>=1.0.0 <=1.3.1)

node-forge NPM version =1.0.0, =1.0.0, =7.10.2-para-beta.0, =1.3.0-patch.0, =1.1.0, =1.2.1, =1.0.0, =1.2.6, =1.23.2, =3.0.0-alpha.0, =3.1.0, =3.12.0-rc.0 and more Source cves: CVE-2025-12816 Source advisory: SNYK:JS-NODEFORGE-14114940...

8.6CVSS6.9AI score0.00689EPSS
Exploits1
Rows per page
Query Builder