Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:20 a.m.1 views

CVE-2019-10791

promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization...

9.8CVSS7.5AI score0.01968EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/11 4:21 p.m.28 views

Security Bulletin: IBM Event Streams is affected by multiple Node.js vulnerabilities

Summary IBM Event Streams is affected by the following vulnerabilities in the included Node.js runtime shipped. Vulnerability Details CVEID: CVE-2019-10795 DESCRIPTION: Node.js undefsafe module could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a...

10CVSS2.1AI score0.03799EPSS
Exploits7Affected Software1
NVD
NVD
added 2020/02/18 5:15 p.m.24 views

CVE-2019-10791

promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization...

9.8CVSS9.8AI score0.01968EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/02/18 4:1 p.m.22 views

CVE-2019-10791

promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization...

9.8AI score0.01968EPSS
Exploits1References2
CVE
CVE
added 2020/02/18 4:1 p.m.64 views

CVE-2019-10791

The CVE-2019-10791 issue affects the Node.js module promise-probe. The root cause is lack of sanitization in the file, outputFile and options functions, enabling remote command injection when untrusted input is used. Public references from Red Hat, GHSA, OSV, and Snyk corroborate a severe impact ...

9.8CVSS9.7AI score0.01968EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder