Lucene search

7 matches found

Positive Technologies
added 6 days ago · 5 views

PT-2026-48347

Summary: The Klever seednode REST API starts a Gin engine with Engine.Run(restAPIInterface). In Gin v1.9.1, Engine.Run calls Go's default http.ListenAndServe, which constructs an HTTP server without application-level ReadHeaderTimeout, ReadTimeout, or MaxHeaderBytes limits. An unauthenticated client...

7.5 CVSS · 5.5 AI score
Exploits 0 · References 4
Snyk
added 2025/07/10 5:58 p.m. · 1 views

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the HTTP Gateway process. An attacker can exhaust system resources by sending HTTP headers very slowly, preventing legitimate requests from being processed. Remediation: Upgrade...

8.7 CVSS · 7 AI score · 0.00473 EPSS
Exploits 0 · References 2
SUSE CVE
added 2023/02/15 4:17 a.m. · 1 views

SUSE CVE-2019-5737

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated...

5.3 CVSS · 8.5 AI score · 0.26351 EPSS
Exploits 0 · References 12
Microsoft CVE
added 2021/06/06 7:0 a.m. · 1 views

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly, keeping HTTP or HTTPS connections and associated resources alive for a long period of time.

...

7.5 CVSS · 9.3 AI score · 0.02342 EPSS
Exploits 0
OSV
added 2019/03/28 5:29 p.m. · 1 views

DEBIAN-CVE-2019-5737

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated...

7.5 CVSS · 7.4 AI score · 0.26351 EPSS
Exploits 0 · References 1
Positive Technologies
added 2019/03/09 12:0 a.m. · 3 views

PT-2019-17836 · Node.Js +7

Name of the Vulnerable Software and Affected Versions: Node.js versions 6.x before 6.17.0; Node.js versions 8.x before 8.15.1; Node.js versions 10.x before 10.15.2; Node.js versions 11.x before 11.10.1. Description: An attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS...

9.8 CVSS · 7.8 AI score · 0.90232 EPSS
Exploits 54 · References 604
OSV
added 2018/11/28 5:29 p.m. · 1 views

ALPINE-CVE-2018-12122

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly, keeping HTTP or HTTPS connections and associated resources alive for a long period of time...

7.5 CVSS · 8.8 AI score · 0.02342 EPSS
Exploits 0 · References 1