Lucene search
K

31 matches found

Circl
Circl
added 2026/03/05 9:58 a.m.3 views

CVE-2018-12116

creationtimestamp| type| source ---|---|--- 2026-03-05 09:58:04+00:00| published-proof-of-concept| https://t.me/poxek/5968...

7.5CVSS6.7AI score0.04612EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.33 views

Ubuntu 16.04 ESM / 18.04 ESM : Node.js vulnerabilities (USN-4796-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4796-1 advisory. Alexander Minozhenko and James Bunton discovered that Node.js did not properly handle wildcards in name fields of X.509 TLS certificates. An...

8.8CVSS7.2AI score0.41288EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/10/02 12:0 a.m.73 views

F5 Networks BIG-IP : Node.js vulnerabilities (K000137093)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2.2 / 17.5.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K000137093 advisory. CVE-2018-7167Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which...

7.5CVSS6.9AI score0.08028EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2019-0277)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.41288EPSS
Exploits0References23
CBLMariner
CBLMariner
added 2021/08/11 6:39 a.m.28 views

CVE-2018-12116 affecting package nodejs 8.11.4-7

CVE-2018-12116 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.9AI score0.04612EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2019:0117-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.6AI score0.41288EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2019:0118-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.41288EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2019:0395-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.6AI score0.41288EPSS
Exploits4References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/23 8:41 p.m.26 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Integration Bus & IBM App Connect Enterprise V11

Summary IBM Integration Bus & IBM App Connect Enterprise V11 ship with Node.js version 8 for which multiple vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2018-12122 DESCRIPTION: Node.js is vulnerable to a denial of...

7.5CVSS0.9AI score0.41288EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/03/23 12:0 a.m.59 views

GLSA-202003-48 : Node.js: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-48 Node.js: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Node.js. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly write arbitrary files,...

9.8CVSS6.8AI score0.57132EPSS
Exploits2References16
RedhatCVE
RedhatCVE
added 2020/01/07 3:29 a.m.34 views

CVE-2018-12116

Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the path option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to...

7.5CVSS1.7AI score0.04612EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.38 views

Photon OS 1.0: Nodejs PHSA-2019-1.0-0257

An update of the nodejs package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0257. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid13252...

7.5CVSS7.7AI score0.41288EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/07/22 1:39 p.m.121 views

Important: Red Hat Security Advisory: rh-nodejs8-nodejs security update

An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.7AI score0.41288EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/13 11:35 p.m.35 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management V2018

Summary There are multiple vulnerabilities in Node.js used by IBM® Cloud App Management V2018. IBM® Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID: CVE-2018-12122 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by improper...

7.5CVSS0.9AI score0.41288EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/15 3:25 p.m.45 views

Security Bulletin: IBM Planning Analytics Local is affected by multiple vulnerabilities (CVE-2018-12116, CVE-2018-12121, CVE-2018-12122, CVE-2018-12123)

Summary The Planning Analytics Workspace component of IBM Planning Analytics is vulnerable to multiple Node.js vulnerabilities. The version of Node.js use by IBM Planning Analytics Workspace has been upgraded to address these vulnerabilities. Vulnerability Details CVEID: CVE-2018-12116 DESCRIPTIO...

7.5CVSS0.9AI score0.41288EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/29 10:50 a.m.38 views

Security Bulletin: IBM Event Streams is affected by Node.js vulnerabilities

Summary IBM Event Streams is affected by the following vulnerabilities in the included Node.js runtime shipped. Vulnerability Details CVEID: CVE-2018-12122 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly...

7.5CVSS0.9AI score0.41288EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/27 10:45 p.m.37 views

Security Bulletin: API Connect is impacted by multiple nodeJS vulnerabilities (CVE-2018-12122 CVE-2018-12121 CVE-2018-12123 CVE-2018-12116)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-12122 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated...

7.5CVSS1.8AI score0.41288EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/02/25 12:0 a.m.92 views

openSUSE Security Update : nodejs6 (openSUSE-2019-234)

This update for nodejs6 to version 6.16.0 fixes the following issues : Security issues fixed : - CVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation bsc1113652 - CVE-2018-5407: Fixed a hyperthread port content side channel attack aka 'PortSmash' bsc1113534 - CVE-2018-12120...

8.1CVSS7AI score0.41288EPSS
Exploits4References14
OPENSUSE Linux
OPENSUSE Linux
added 2019/02/22 12:0 a.m.222 views

Security update for nodejs6 (important)

openSUSE Security Update: Security update for nodejs6 Announcement ID: openSUSE-SU-2019:0234-1 Rating: important References: 1113534 1113652 1117625 1117626 1117627 1117629 1117630 Cross-References: CVE-2018-0734 CVE-2018-12116 CVE-2018-12120 CVE-2018-12121 CVE-2018-12122 CVE-2018-12123...

8.1CVSS6.9AI score0.41288EPSS
Exploits4References7
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/20 6:30 p.m.32 views

Security Bulletin: Multiple security vulnerabilities in Node.js affect IBM Voice Gateway

Summary Security Vulnerabilities in Node.js affect IBM Voice Gateway. Vulnerability Details CVEID: CVE-2018-12122 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associat...

7.5CVSS0.7AI score0.41288EPSS
Exploits0Affected Software1
Rows per page
Query Builder