Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Tenable Nessus
Tenable Nessusadded 2026/04/16 12:0 a.m.16 views

AlmaLinux 9 : nodejs:24 (ALSA-2026:7350)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7350 advisory. nodejs: Nodejs denial of service CVE-2026-21637 brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-25547...

9.8CVSS5.9AI score0.00175EPSS
Exploits1References20
RedHat Linux
RedHat Linuxadded 2026/04/13 2:27 a.m.1 views

Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions

A flaw was found in Node.js. The Node.js Permission Model, intended to restrict filesystem access, does not properly enforce read permission checks for the fs.realpathSync.native function. This vulnerability allows code operating under --permission with restricted --allow-fs-read flags to bypass...

3.3CVSS6.1AI score0.00006EPSS
Exploits0References5
OSV
OSVadded 2026/04/13 12:0 a.m.6 views

ALSA-2026:7670 Important: nodejs:24 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs denial of service CVE-2026-21637 minimatch: minimatch: Denial of Service via specially crafted glob patterns CVE-2026-26996 undici:...

9.8CVSS5.8AI score0.00175EPSS
Exploits1References36
Tenable Nessus
Tenable Nessusadded 2026/04/13 12:0 a.m.4 views

RHEL 10 : nodejs24 (RHSA-2026:7675)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7675 advisory. Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an...

9.8CVSS6.7AI score0.00175EPSS
Exploits1References38
OSV
OSVadded 2026/04/09 12:0 a.m.7 views

ALSA-2026:7350 Important: nodejs:24 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs denial of service CVE-2026-21637 brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion...

9.8CVSS5.8AI score0.00175EPSS
Exploits1References38
Mageia
Mageiaadded 2026/03/28 7:26 a.m.4 views

Updated nodejs packages fix security vulnerabilities

Incomplete fix for CVE-2026-21637: loadSNI in tlswrap.js lacks try/catch leading to Remote DoS. CVE-2026-21637 Denial of Service via proto header name in req.headersDistinct Uncaught TypeError crashes Node.js process. CVE-2026-21710 Timing side-channel in HMAC verification via memcmp in...

7.5CVSS6.7AI score0.00044EPSS
Exploits0References2
GithubExploit
GithubExploitadded 2026/02/15 7:39 p.m.198 views

Exploit for CVE-2025-4517

CVE-2025-4517 / CVE-2025-4330 — Python tarfile Data Filter B...

9.4CVSS6.9AI score0.01012EPSS
Exploits11
SUSE CVE
SUSE CVEadded 2023/02/15 6:19 a.m.2 views

SUSE CVE-2004-1064

The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute...

10CVSS6.9AI score0.01731EPSS
Exploits0References3
Rows per page
Query Builder