CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2022-0956

Malicious code in bioql PyPI...

2.5CVSS6.1AI score0.00334EPSS

Exploits1References9

Tenable Nessus•added 2025/08/18 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2017-18869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via...

2.5CVSS6.6AI score0.00334EPSS

Exploits1References2

RedHat Linux•added 2020/06/19 3:46 a.m.•2 views

nodejs-chownr: TOCTOU vulnerability in `chownr` function in chownr.js

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...

2.5CVSS7.4AI score0.00334EPSS

Exploits1References4

RedhatCVE•added 2020/06/18 4:55 p.m.•20 views

CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...

7.7CVSS4.8AI score0.00334EPSS

Exploits1References2

CNVD•added 2020/06/16 12:0 a.m.•5 views

chownr package competitive conditions issue vulnerability

Joyent Node.js is a web application platform built on top of Google's V8 JavaScript engine from Joyent, Inc. The platform is used to build highly scalable applications and write code that can handle tens of thousands of simultaneous connections to a physical machine. chownr package is one of the...

2.5CVSS3.6AI score0.00334EPSS

Exploits1References1

OSV•added 2020/06/15 3:15 p.m.•2 views

DEBIAN-CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...

2.5CVSS6.5AI score0.00334EPSS

Exploits1References1

OSV•added 2020/06/15 3:15 p.m.•19 views

CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...

2.5CVSS6.4AI score

Exploits0References4

UbuntuCve•added 2020/06/15 3:15 p.m.•366 views

CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...

2.5CVSS6.8AI score0.00334EPSS

Exploits1References5

CVE•added 2020/06/15 2:33 p.m.•99 views

CVE-2017-18869

CVE-2017-18869 : A TOCTOU vulnerability in the chownr package (Node.js 10.10) could allow a local attacker to trick the code into descending into unintended directories via symlink attacks. Root cause: TOCTOU in chownr.js. Impact: local privilege-limited access through directory traversal. Remedi...

2.5CVSS3.3AI score0.00334EPSS

Exploits1References4Affected Software1

Cvelist•added 2020/06/15 2:33 p.m.•31 views

CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...

3.1AI score0.00334EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by