Lucene search
K

79 matches found

Redos
Redos
added 2023/07/06 12:0 a.m.18 views

ROS-2-1172

2.1172 Vulnerability in BIND DNS server 1. Vulnerability description: Security issue is related to inefficiency of protection against "DNS rebinding" attacks when operating in the DNS server redirecting requests mode block "forwarders" in the settings.Identifier of the Information Security Threat...

7.3AI score
Exploits0
F5 Networks
F5 Networks
added 2023/04/12 7:47 p.m.35 views

K000133494: Node.js vulnerability CVE-2022-43548

Security Advisory Description A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests...

8.1CVSS7.1AI score0.14024EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.5 views

SUSE CVE-2022-32212

A OS Command Injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks...

7.5CVSS6.8AI score0.05614EPSS
Exploits0References16
OSV
OSV
added 2022/12/05 10:15 p.m.6 views

AZL-11577 CVE-2022-43548 affecting package nodejs for versions less than 16.18.1-2

A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.Th...

8.1CVSS6.7AI score0.14024EPSS
Exploits0References1
OSV
OSV
added 2022/12/05 10:15 p.m.1 views

DEBIAN-CVE-2022-43548

A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.Th...

8.1CVSS6.8AI score0.14024EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/12/05 10:15 p.m.46 views

CVE-2022-43548

A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.Th...

8.1CVSS6.8AI score0.14024EPSS
Exploits0References3
Prion
Prion
added 2022/12/05 10:15 p.m.32 views

Command injection

A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.Th...

5.1CVSS8.1AI score0.14024EPSS
Exploits0References5Affected Software2
Vulnrichment
Vulnrichment
added 2022/12/05 12:0 a.m.3 views

CVE-2022-43548

A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.Th...

7.5AI score0.14024EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/12/05 12:0 a.m.40 views

CVE-2022-43548

A OS Command Injection vulnerability exists in Node.js versions 14.21.1, 16.18.1, 18.12.1, 19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.Th...

8.6AI score0.14024EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2022/07/22 7:0 a.m.2 views

A OS Command Injection vulnerability exists in Node.js versions <14.20.0 <16.20.0 <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.

...

8.1CVSS7AI score0.05614EPSS
Exploits0
NVD
NVD
added 2022/07/14 3:15 p.m.29 views

CVE-2022-32212

A OS Command Injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks...

8.1CVSS0.05614EPSS
Exploits0References1
OSV
OSV
added 2022/07/14 3:15 p.m.6 views

AZL-10149 CVE-2022-32212 affecting package nodejs for versions less than 16.20.2-4

A OS Command Injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks...

8.1CVSS6.7AI score0.05614EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/14 3:15 p.m.1 views

CVE-2022-32212

A OS Command Injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks...

8.1CVSS8.8AI score0.05614EPSS
Exploits0References12Affected Software1
Prion
Prion
added 2022/07/14 3:15 p.m.26 views

Command injection

A OS Command Injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks...

5.1CVSS8AI score0.05614EPSS
Exploits0References1Affected Software4
UbuntuCve
UbuntuCve
added 2022/07/14 3:15 p.m.41 views

CVE-2022-32212

A OS Command Injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks...

8.1CVSS6.8AI score0.05614EPSS
Exploits0References5
OSV
OSV
added 2022/07/14 3:15 p.m.8 views

UBUNTU-CVE-2022-32212

A OS Command Injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks...

8.1CVSS6.8AI score0.05614EPSS
Exploits0References6
Cvelist
Cvelist
added 2022/07/14 12:0 a.m.39 views

CVE-2022-32212

A OS Command Injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks...

8.5AI score0.05614EPSS
Exploits0References1
Debian
Debian
added 2021/11/02 1:6 a.m.52 views

[SECURITY] [DLA 2807-1] bind9 security update

Debian LTS Advisory DLA-2807-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 01, 2021 https://wiki.debian.org/LTS Package : bind9 Version : 1:9.10.3.dfsg.P4-12.3+deb9u10 CVE ID : CVE-2018-5740 CVE-2021-25219 Debian Bug : 905743 CVE-2021-25219 Kishore...

7.5CVSS6.8AI score0.59353EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.13 views

ROS-2-638

2.638 Vulnerability in BIND DNS server 1. Vulnerability description: Security issue is related to inefficiency of protection against "DNS rebinding" attacks when operating in the DNS server redirecting requests mode block "forwarders" in the settings.Identifier of the Information Security Threats...

7.3AI score
Exploits0
OSV
OSV
added 2021/04/20 9:15 p.m.2 views

UBUNTU-CVE-2021-29462

The Portable SDK for UPnP Devices is an SDK for development of UPnP device and control point applications. The server part of pupnp libupnp appears to be vulnerable to DNS rebinding attacks because it does not check the value of the Host header. This can be mitigated by using DNS revolvers which...

9.8CVSS7.2AI score0.00627EPSS
Exploits0References6
Rows per page
Query Builder