CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4420 matches found

OSV•added 2024/11/14 12:0 a.m.•17 views

OPENSUSE-SU-2024:14494-1 nodejs-electron-31.7.4-1.1 on GA media

These are all security issues fixed in the nodejs-electron-31.7.4-1.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS8.7AI score0.00489EPSS

Exploits0References2

OSV•added 2024/11/08 5:15 a.m.•5 views

AZL-52604 CVE-2024-21538 affecting package nodejs for versions less than 20.14.0-3

Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service ReDoS due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string...

8.7CVSS6.7AI score0.00873EPSS

Exploits0References1

OSV•added 2024/11/08 5:15 a.m.•4 views

AZL-52551 CVE-2024-21538 affecting package nodejs18 for versions less than 18.20.3-2

8.7CVSS6.7AI score0.00873EPSS

Exploits0References1

Tenable Nessus•added 2024/11/07 12:0 a.m.•14 views

RHEL 8 : nodejs:18 (RHSA-2024:6148)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6148 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

6.5CVSS6.7AI score0.01104EPSS

Exploits1References7

SUSE CVE•added 2024/10/30 4:6 a.m.•4 views

SUSE CVE-2024-42460

In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero...

5.3CVSS9.4AI score0.00459EPSS

Exploits1References4

OSSF Malicious Packages•added 2024/10/29 2:14 a.m.•6 views

Malicious code in webhooks-resources-nodejs-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a43dfca0a81576880163a0fe81d037a7afb900df7a2de98b47f233cc57cc587 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

OSV•added 2024/10/29 2:14 a.m.•5 views

MAL-2024-10267 Malicious code in webhooks-resources-nodejs-server (npm)

7AI score

Exploits0References1

RedHat Linux•added 2024/10/28 9:28 p.m.•24 views

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.5 bug fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.9.5 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

9.1CVSS6.9AI score0.00617EPSS

Exploits2References2

OPENSUSE Linux•added 2024/10/26 12:0 a.m.•4 views

nodejs-electron-31.7.2-1.1 on GA media (moderate)

nodejs-electron-31.7.2-1.1 on GA media Announcement ID: openSUSE-SU-2024:14425-1 Rating: moderate Cross-References: CVE-2024-7025 CVE-2024-7965 CVE-2024-8198 CVE-2024-8362 CVE-2024-8636 CVE-2024-9121 CVE-2024-9123 Affected Products: openSUSE Tumbleweed An update that solves 7 vulnerabilities can...

8.8CVSS7AI score0.17227EPSS

Exploits5

OSV•added 2024/10/25 12:0 a.m.•16 views

OPENSUSE-SU-2024:14425-1 nodejs-electron-31.7.2-1.1 on GA media

These are all security issues fixed in the nodejs-electron-31.7.2-1.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS9.2AI score0.17227EPSS

Exploits5References8

OSV•added 2024/10/22 2:24 a.m.•22 views

RHSA-2024:6147 Red Hat Security Advisory: nodejs:18 security update

Bulletin has no description...

6.5CVSS6.5AI score0.01104EPSS

Exploits1References14