Fedora Update for nodejs FEDORA-2019-7443ebda4b

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2020:0043-1 Security update for nodejs8

This update for nodejs8 to version 8.17.0 fixes the following issues: Security issues fixed: - CVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4, fixing an arbitrary path overwrite and access via 'bin' field bsc1159352...

Photon OS 1.0: Nodejs PHSA-2019-1.0-0257

An update of the nodejs package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0257. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid13252...

MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure Vulnerability

Exploit for hardware platform in category web applications Exploit: MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure Author: LiquidWorm Vendor: Emmanuel Product web page: https://github.com/empierre/MyDomoAtHome https://www.domoticz.com/wiki/ImperiHome...

MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure

Exploit: MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure Date: 2019-12-30 Author: LiquidWorm Vendor: Emmanuel Product web page: https://github.com/empierre/MyDomoAtHome https://www.domoticz.com/wiki/ImperiHome https://docs.imperihome.com/app/iss Affected version: 0.2.40...

Exploit for Code Injection in Mongo-Express_Project Mongo-Express

CVE-2019-10758 PoC Setup docker run -p 27017:27017 -...

nodeCrypto v2.0 - Ransomware Written In NodeJs

nodeCrypt is a linux Ransomware written in NodeJs that encrypt predefined files. This project was created for educational purposes, you are the sole responsible for the use of nodeCrypto. Demo video Install server Upload all file of server/ folder on your webserver. Create a sql database and impo...

ALBA-2019:4275 nodejs:12 bug fix update

The following packages have been upgraded to a later upstream version: nodejs 12.13.1. BZ1776116...

12 bug fix update

An update is available for nodejs-nodemon, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The following packages have been upgraded to a later...

GHSA-H9RV-JMMF-4PGX Cross-Site Scripting in serialize-javascript

Versions of serialize-javascript prior to 2.1.1 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize serialized regular expressions. This vulnerability does not affect Node.js applications. Recommendation Upgrade to version 2.1.1 or later...

Node.js: Remotely trigger an assertion on a TLS server with a malformed certificate string

Summary: Connecting to a NodeJS TLS server with a client certificate that has a type 19 string in its subjectAltName will crash the TLS server if it tries to read the peer certificate. Affected versions include v10.17.0 and v13.1.0. This is related to issue...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0257

An update of 'libsoup', 'postgresql', 'yum', 'nodejs', 'libxslt', 'binutils', 'libarchive', 'python2' packages of Photon OS has been released...

Critical Photon OS Security Update - PHSA-2019-0257

Updates of 'yum', 'linux', 'subversion', 'libarchive', 'libxslt', 'binutils', 'linux-esx', 'nodejs', 'python2', 'postgresql', 'libsoup' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2019-0190

Updates of 'ncurses', 'yum', 'libsoup', 'binutils', 'python2', 'postgresql', 'nodejs' packages of Photon OS have been released...

AZL-44412 CVE-2016-1000236 affecting package nodejs-nodemon 2.0.3-5

Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used...

ALEA-2019:3461 new module: nodejs:12

This enhancement update adds the nodejs:12 module to AlmaLinux BZ1685191 For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

new module: nodejs:12

This enhancement update adds the nodejs:12 module to AlmaLinux BZ1685191 For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

new module: nodejs:12

An update is available for nodejs-nodemon, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This enhancement update adds the nodejs:12 module to...

Node.js third-party modules: [git-promise] RCE via insecure command formatting

I would like to report a RCE issue in the git-promise module. It allows to execute arbitrary commands remotely inside the victim's PC Module module name: git-promise version: 0.3.1 npm page: https://www.npmjs.com/package/git-promise Module Description Simple wrapper that allows you to run any git...

Exploit for OS Command Injection in Rambox

CVE-2019-17625 There is a stored XSS vulnerability in rambox...