Lucene search
+L

177 matches found

OSV
OSV
added 2022/02/08 10:24 p.m.3 views

USN-5159-1 node-bl vulnerability

It was discovered that bl incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.8AI score0.02183EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/10/05 12:0 a.m.14 views

Ubuntu: Security Advisory (USN-5098-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.02183EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/10/04 12:0 a.m.27 views

Ubuntu 18.04 LTS : bl vulnerability (USN-5098-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5098-1 advisory. It was discovered that bl didn't properly sanitize the inputs. An attacker could use this to leak sensitive information. Tenable has extracted the preceding...

6.5CVSS7.2AI score0.02183EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/07/01 12:0 a.m.36 views

Debian DLA-2698-1 : node-bl - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2698 advisory. - A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume...

6.5CVSS7.4AI score0.02183EPSS
Exploits1References5
OSV
OSV
added 2021/07/01 12:0 a.m.23 views

DLA-2698-1 node-bl - security update

Bulletin has no description...

6.5CVSS6.5AI score0.02183EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/07/01 12:0 a.m.21 views

Debian: Security Advisory (DLA-2698-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.2AI score0.02183EPSS
Exploits1References4
Debian
Debian
added 2021/06/30 10:11 p.m.34 views

[SECURITY] [DLA 2698-1] node-bl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2698-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz July 01, 2021 https://wiki.debian.org/LTS -...

6.5CVSS6.8AI score0.02183EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/15 5:35 p.m.23 views

Security Bulletin: A security vulnerability in Node.js bl module affects IBM Cloud Pak for Multicloud Management Managed Service.

Summary A security vulnerability in Node.js bl module affects IBM Cloud Pak for Multicloud Management Infrastructure Management Managed Service. Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a...

6.5CVSS0.8AI score0.02183EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/26 9:42 p.m.20 views

Security Bulletin: A security vulnerability in Node.js bl module affects IBM Cloud Automation Manager.

Summary A security vulnerability in Node.js bl module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer over-read flaw in the consume function. By sendin...

6.5CVSS1.2AI score0.02183EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/29 6:27 p.m.21 views

Security Bulletin: Version 4.0.2 of Node.js module bl included in IBM Netcool Operations Insight 1.6.1.x has a security vulnerability

Summary Security Bulletin: Version 4.0.2 of Node.js module bl included in IBM Netcool Operations Insight 1.6.1.x has a security vulnerability Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer...

6.5CVSS1.2AI score0.02183EPSS
Exploits1Affected Software1
Openbugbounty
Openbugbounty
added 2020/10/28 12:31 p.m.7 views

bl-lynx.com Cross Site Scripting vulnerability OBB-1458011

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
vulnersOsv
vulnersOsv
added 2020/09/02 3:26 p.m.7 views

@cowlick/analyzer (>=0.10.0 <=0.11.0), @cowlick/kag-compiler (>=0.10.0 <=0.11.0) +1 more potentially affected by CVE-2020-8244 via bl (=3.0.0)

bl NPM version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - @cowlick/analyzer =0.10.0, =0.10.0, =1.0.0, =1.0.3 Source cves: CVE-2020-8244 Source advisory: OSV:GHSA-PP7H-53GX-MX7R...

6.5CVSS6.7AI score0.02183EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/02 3:26 p.m.5 views

@here/harp-leaflet (>=0.2.4 <=0.2.5) potentially affected by CVE-2020-8244 via bl (=4.0.2)

bl NPM version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - @here/harp-leaflet =0.2.4, =0.2.5 Source cves: CVE-2020-8244 Source advisory: OSV:GHSA-PP7H-53GX-MX7R...

6.5CVSS6.7AI score0.02183EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/02 3:26 p.m.4 views

00ld8nuivn (=2.1.0), 00rqiw31nd (=2.1.0) +16521 more potentially affected by CVE-2020-8244 via bl (>=0.1.1 <=1.2.1)

bl NPM version =0.1.1, =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 06-tekbooks =0.1.0 -...

6.5CVSS6.6AI score0.02183EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/09/02 3:26 p.m.10 views

@cowlick/analyzer (>=0.9.0 <=0.9.1), @cowlick/kag-compiler (>=0.9.0 <=0.9.1) +4 more potentially affected by CVE-2020-8244 via bl (=2.0.1)

bl NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - @cowlick/analyzer =0.9.0, =0.9.0, =4.1.6, =1.2.0, =1.0.0, =1.0.0, =1.1.37 Source cves: CVE-2020-8244 Source advisory: OSV:GHSA-PP7H-53GX-MX7R...

6.5CVSS6.7AI score0.02183EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2020/09/02 8:51 a.m.30 views

CVE-2020-8244

A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...

6.5CVSS4.2AI score0.02183EPSS
Exploits1References4
NVD
NVD
added 2020/08/30 3:15 p.m.10 views

CVE-2020-8244

A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...

6.5CVSS6.6AI score0.02183EPSS
Exploits1References2
OSV
OSV
added 2020/08/30 3:15 p.m.19 views

CVE-2020-8244

A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...

6.5CVSS6.7AI score
Exploits0References2
Prion
Prion
added 2020/08/30 3:15 p.m.17 views

Buffer overflow

A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...

6.4CVSS6.4AI score0.02183EPSS
Exploits1References2Affected Software2
OSV
OSV
added 2020/08/30 3:15 p.m.4 views

UBUNTU-CVE-2020-8244

A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...

6.5CVSS6.9AI score0.02183EPSS
Exploits1References6
Rows per page
Query Builder