32 matches found
Astra Linux - vulnerability in nodejs
Due to the formatting logic of the "console.table" function, it is not safe to allow user-controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". This approach causes prototy...
EUVD-2022-26983
Malicious code in bioql PyPI...
BIT-NODE-MIN-2022-21824
Due to the formatting logic of the "console.table" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has...
BIT-NODE-2022-21824
Due to the formatting logic of the "console.table" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has...
Amazon Linux 2023 : nodejs, nodejs-devel, nodejs-full-i18n (ALAS2023-2023-084)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-084 advisory. An HTTP Request Smuggling HRS vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations a...
K35802610: Multiple MySQL vulnerabilities CVE-2022-21569, CVE-2022-21824, CVE-2022-22968, CVE-2022-27778
Security Advisory Description CVE-2022-21569 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocol...
Oracle Linux 8 : nodejs:14 (ELSA-2022-7830)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7830 advisory. - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 - Rebase to...
nodejs:14 security update
An update is available for nodejs-nodemon, nodejs, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform f...
RHEL 8 : nodejs:14 (RHSA-2022:7830)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7830 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...
Moderate: nodejs:14 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection...
Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Pak for Watson AIOps Infrastructure Automation
Summary A security vulnerability in Node.js affects IBM Cloud Pak for Watson AIOps Infrastructure Automation Vulnerability Details CVEID:CVE-2022-21824 DESCRIPTION: Node.js could provide weaker than expected security, caused by an error related to the formatting logic of the console.table functio...
RHEL 7 : rh-nodejs14-nodejs (RHSA-2022:7044)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7044 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...
Security Bulletin: IBM has announced a release for IBM Security Verify Governance in response to a security vulnerability (CVE-2022-21824)
Summary IBM has announced a release for IBM Security Verify Governance ISVG in response to security vulnerability. The vulnerability is caused by Node.js which could provide weaker than expected security, caused by an error related to the formatting logic of the console.table function...
Debian dla-3137 : libnode-dev - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3137 advisory. Debian LTS Advisory DLA-3137-1...
RHEL 7 : rh-nodejs12-nodejs (RHSA-2022:4914)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4914 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
Security Bulletin: Multiple Vulnerabilities in Node.js affects IBM Netcool Agile Service Manager
Summary Multiple vulnerabilities in Node.js used by IBM Netcool Agile Service Manager have been identified. Netcool Agile Service Manager has addressed these CVEs. Vulnerability Details CVEID: CVE-2021-3450 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused...
SUSE SLES15 Security Update : nodejs10 (SUSE-SU-2022:1717-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1717-1 advisory. - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symli...
Security update for nodejs12 (moderate)
openSUSE Security Update: Security update for nodejs12 Announcement ID: openSUSE-SU-2022:0113-1 Rating: moderate References: 1194511 1194512 1194513 1194514 1198204 Cross-References: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 CVE-2022-24191 CVSS scores: CVE-2021-44531 NVD : 7.4...
AZL-8864 CVE-2022-21824 affecting package nodejs for versions less than 16.14.0-1
Due to the formatting logic of the "console.table" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has...
CVE-2022-21824
Due to the formatting logic of the "console.table" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has...