CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4389 matches found

Tenable Nessus•added 2019/06/13 12:0 a.m.•40 views

Fedora 30 : nodejs-tough-cookie (2019-76f1b57c1c)

Update to 2.3.4 upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

7.5CVSS6.6AI score0.03283EPSS

Exploits0References2

OpenVAS•added 2019/06/13 12:0 a.m.•128 views

Fedora Update for nodejs-tough-cookie FEDORA-2019-76f1b57c1c

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.03283EPSS

Exploits0References2

Pen Test Partners Blog•added 2019/06/07 12:0 p.m.•422 views

Bloodhound walkthrough. A Tool for Many Tradecrafts

A walkthrough on how to set up and use BloodHound BloodHound is an application used to visualize active directory environments. The front-end is built on electron and the back-end is a Neo4j database, the data leveraged is pulled from a series of data collectors also referred to as ingestors whic...

7.6AI score

Exploits0

Github Security Blog•added 2019/06/05 9:48 a.m.•11 views

High severity vulnerability that affects gun

Urgent Upgrade The static file server module included with GUN had a serious vulnerability: - Using curl --path-as-is allowed reads on any parent directory or files. This did not work via the browser or via curl without as-is option. Fixed This has been fixed since version 0.2019.416 and higher...

2.1AI score

Exploits0References2Affected Software1

OSV•added 2019/06/05 9:48 a.m.•9 views

GHSA-886V-MM6P-4M66 High severity vulnerability that affects gun

7AI score

Exploits0References3

vulnersOsv•added 2019/06/03 5:26 p.m.•32 views

09-nodejs (=1.0.0), 11.17r (=1.0.0) +1752 more potentially affected by unknown CVE via concat-stream (>=1.5.0 <=1.5.1)

concat-stream NPM version =1.5.0, =0.0.1, =1.0.1, =0.0.2, =0.0.1, =0.1.0, =0.1.0, =1.0.1-0.beta.1, =1.0.0-beta.1, =1.1.5-beta.4 - @arezooq/webserverpackage =1.0.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-G74R-FFVR-5Q9F...

5.8AI score

Exploits0

Kitploit•added 2019/05/17 12:55 p.m.•292 views

Project iKy - Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface

Project iKy is a tool that collects information from an email and shows results in a nice visual interface. Visit the Gitlab Page of the Project Project First of all we want to advice you that we have changed the Frontend from AngularJS to Angular 7. For this reason we left the project with...

7.1AI score

Exploits0References2

NVD•added 2019/05/13 3:29 p.m.•10 views

CVE-2019-12047

Gridea v0.8.0 has an XSS vulnerability through which the Nodejs module can be called to achieve arbitrary code execution, as demonstrated by childprocess.exec and the "img src= onerror='evalnew Buffer" substring...

6.1CVSS6.3AI score0.0124EPSS

Exploits1References1

OSV•added 2019/05/13 3:29 p.m.•11 views

CVE-2019-12047

6.1CVSS6.5AI score

Exploits0References1

Prion•added 2019/05/13 3:29 p.m.•15 views

Design/Logic Flaw

4.3CVSS6.2AI score0.0124EPSS

Exploits1References1Affected Software1

OSV•added 2019/05/13 2:29 p.m.•1 views

CVE-2018-18524

Evernote 6.15 on Windows has an incorrectly repaired stored XSS vulnerability. An attacker can use this XSS issue to inject Node.js code under Present mode. After a victim opens an affected note under Present mode, the attacker can read the victim's files and achieve remote execution command on t...

6.1CVSS6AI score

Exploits0References2

CVE•added 2019/05/13 2:21 p.m.•37 views

CVE-2019-12047

CVE-2019-12047 affects Gridea v0.8.0 with an XSS flaw that allows an attacker to trigger arbitrary code execution by invoking a Node.js module (e.g., via child_process.exec) from crafted input, demonstrated by an onerror payload. The issue is caused by insufficient input sanitization leading to ...

6.1CVSS6.2AI score0.0124EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/05/13 2:21 p.m.•10 views

CVE-2019-12047

6.3AI score0.0124EPSS

Exploits1References1

OpenVAS•added 2019/05/07 12:0 a.m.•65 views

Fedora Update for nodejs-simple-markdown FEDORA-2019-36ce1cb623

6.1CVSS6.3AI score0.01274EPSS

Exploits0References2

Tenable Nessus•added 2019/05/02 12:0 a.m.•24 views

Fedora 30 : nodejs-simple-markdown (2019-bce274cbf6)

Update to latest upstream release, fix CVE-2019-9844 rhbz1695304, Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

6.1CVSS6.1AI score0.01274EPSS

Exploits0References2

Tenable Nessus•added 2019/05/02 12:0 a.m.•17 views

Fedora 30 : nodejs-handlebars (2019-c1213f866c)

Security fix for https://www.npmjs.com/advisories/755 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

5.5AI score

Exploits0References2

OpenVAS•added 2019/04/17 12:0 a.m.•20 views

Fedora Update for nodejs-simple-markdown FEDORA-2019-8e7c71f45b

6.1CVSS6.3AI score0.01274EPSS

Exploits0References2

Tenable Nessus•added 2019/04/15 12:0 a.m.•25 views

Fedora 28 : nodejs-simple-markdown (2019-8e7c71f45b)

6.1CVSS6.1AI score0.01274EPSS

Exploits0References2

Tenable Nessus•added 2019/04/15 12:0 a.m.•29 views

Fedora 29 : nodejs-simple-markdown (2019-36ce1cb623)