4420 matches found
CVE-2024-34712
Oceanic (NodeJS) vulnerability CVE-2024-34712 affects versions prior to 1.10.4. Input to functions like Client.rest.channels.removeBan is not URL-encoded, allowing crafted input such as ../../../channels/{id} to be normalized into /api/v10/channels/{id}, potentially causing unintended channel act...
Exploit for Cross-site Scripting in Litespeedtech Litespeed_Cache
LiteSpeed Cache XSS PoC: PoC for XSS vulnerability in the Lite...
RHEL 8 : nodejs-mime (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-mime: Regular expression Denial of Service CVE-2017-16138 Note that Nessus has not tested for this issue but...
RHEL 7 : nodejs-minimatch (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 Note that Nessus has not tested for this issue b...
RHEL 6 : nodejs-minimatch (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 Note that Nessus has not tested for this issue b...
RHEL 6 : nodejs-handlebars (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true opti...
RHEL 7 : nodejs-handlebars (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true opti...
RHEL 7 : nodejs-ua-parser-js (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs-ua-parser-js: ReDoS in multiple regexes CVE-2020-7793 - The package ua-parser-js before 0.7.22 are...
RHEL 8 : nodejs-set-value (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-set-value: prototype pollution in function set-value CVE-2019-10747 Note that Nessus has not tested for this...
RHEL 6 : nodejs-semver (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-semver: Regular expression denial of service CVE-2022-25883 Note that Nessus has not tested for this issue b...
RHEL 7 : nodejs-semver (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-semver: Regular expression denial of service CVE-2022-25883 Note that Nessus has not tested for this issue b...
RHEL 8 : nodejs-trim-newlines (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-trim-newlines: ReDoS in .end method CVE-2021-33623 Note that Nessus has not tested for this issue but has...
RHEL 8 : nodejs-request (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-request: Remote Memory Exposure when a multipart request is made CVE-2017-16026 Note that Nessus has not...
RHEL 8 : nodejs-kind-of (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-kind-of: ctorName in index.js allows external user input to overwrite certain internal attributes...
RHEL 8 : nodejs-css-what (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-css-what: does not ensure that attribute parsing has linear time complexity relative to the size of the inpu...
RHEL 8 : nodejs-mixin-deep (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-mixin-deep: prototype pollution in function mixin-deep CVE-2019-10746 Note that Nessus has not tested for th...
RHEL 8 : nodejs-postcss (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-postcss: Regular expression denial of service during source map parsing CVE-2021-23368 Note that Nessus has...
RHEL 8 : nodejs-debug (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-debug: Regular expression Denial of Service CVE-2017-16137 Note that Nessus has not tested for this issue bu...
RHEL 8 : nodejs-bootstrap-select (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-bootstrap-select: not escaping title values on may lead to XSS CVE-2019-20921 Note that Nessus has not teste...
RHEL 8 : nodejs-http-signature (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-http-signature: HTTP header forgery CVE-2017-16005 Note that Nessus has not tested for this issue but has...