Lucene search
K

45 matches found

OpenVAS
OpenVAS
added 2023/09/20 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-6380-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.57132EPSS
Exploits6References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/14 3:28 p.m.39 views

Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect the configuration editor used by IBM Business Automation Workflow and IBM Business Process Manager (BPM)

Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Automation Workflow and IBM BPM include a stand-alone tool for editing configuration properties files that is based on IBM SDK for Node.js. Vulnerability Details CVEID:CVE-2019-15606 DESCRIPTION: Node.js cou...

9.2AI score0.57132EPSS
Exploits2Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/21 1:27 p.m.39 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management

Summary There are vulnerabilities in Node.js used by IBM® Cloud App Management. IBM® Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID:CVE-2019-15604 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by improper certificate...

9.8CVSS9.2AI score0.57132EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/23 10:7 p.m.36 views

Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control (CVE-2019-15606, CVE-2019-15604, CVE-2019-15605)

Summary Node.js is vulnerable to security bypass, denial of service and HTTP request smuggling. These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue whe...

9.8CVSS8.9AI score0.57132EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.38 views

Mageia: Security Advisory (MGASA-2020-0372)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.87806EPSS
Exploits4References10
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2020:0427-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.57132EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2020:0488-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.57132EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/08 10:33 p.m.39 views

Security Bulletin: IBM DataPower Gateway affected by multiple CVEs in Node.js

Summary IBM has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP header values do not have trailing OWS trimmed. By sending a specially-crafted request, an...

9.8CVSS8.7AI score0.57132EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.37 views

SUSE: Security Advisory (SUSE-SU-2020:0454-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.57132EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2020:0455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.57132EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2021/01/19 12:0 a.m.43 views

Elastic Kibana < 6.8.7, 7.x < 7.6.1 Multiple Vulnerabilities in Node.js (ESA-2020-01) - Linux

Kibana is prone to multiple vulnerabilities in the shipped 3rdparty Node.js component. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS9.4AI score0.57132EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/06 10:54 p.m.35 views

Security Bulletin: Security Vulnerabilities affect IBM Cloud Pak for Data - Node.js (CVE-2019-15606, CVE-2019-15604, CVE-2019-15605)

Summary Security Vulnerabilities affect IBM Cloud Pak for Data - Node.js CVE-2019-15606, CVE-2019-15604, CVE-2019-15605 Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP header values do not...

9.8CVSS0.8AI score0.57132EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/15 9:20 a.m.41 views

Security Bulletin: IBM Cloud Transformation Advisor is affected by multiple Node.js vulnerabilities.

Summary IBM Cloud Transformation Advisor has addressed multiple Node.js vulnerabilities. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP header values do not have trailing OWS trimmed. By...

9.8CVSS0.3AI score0.57132EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/08/28 12:0 a.m.37 views

Oracle Linux 8 : nodejs:12 (ELSA-2020-0598)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0598 advisory. nodejs 1:12.16.1-1 - Resolves: RHBZ1800393, RHBZ1800394, RHBZ1800380 - Rebase to 12.16.1 nodejs-nodemon nodejs-packaging Tenable has extracted the...

9.8CVSS7.6AI score0.57132EPSS
Exploits2References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/11 4:18 p.m.30 views

Security Bulletin: IBM Event Streams is affected by multiple Node.js vulnerabilities

Summary IBM Event Streams is affected by the following vulnerabilities in the included Node.js runtime shipped. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP header values do not have...

9.8CVSS1AI score0.57132EPSS
Exploits2Affected Software1
Debian
Debian
added 2020/04/29 9:5 p.m.86 views

[SECURITY] [DSA 4669-1] nodejs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4669-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 29, 2020 https://www.debian.org/security/faq -...

9.8CVSS8.3AI score0.82813EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/16 5:5 a.m.44 views

Security Bulletin: Version 10.16.3 of Node.js included in IBM Cloud Event Management 2.5.0 has several security vulnerabilities.

Summary Security Bulletin: Version 10.16.3 of Node.js included in IBM Cloud Event Management 2.5.0 has several security vulnerabilities. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP...

9.8CVSS1AI score0.57132EPSS
Exploits2Affected Software1
Oracle linux
Oracle linux
added 2020/04/15 12:0 a.m.74 views

nodejs:10 security update

nodejs 1:10.19.0-2 - Resolves: RHBZ1811498 1:10.19.0-1 - Rebase to 10.19.0 to fix CVE-2019-15604 to CVE-2019-15606 1:10.16.3-1 - Rebase to 10.16.3 to fix CVE-2019-9511 to CVE-2019-9518 1:10.14.1-1 - Resolves: RHBZ1644207 - fixes node-gyp permissions - rebase 1:10.11.0-2 - BuildRequire...

9.8CVSS8.1AI score0.58373EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2020/04/06 4:56 a.m.36 views

CVE-2019-15604

An encoding error flaw exists in the Node.js code that is used to read a peer certificate in the TLS client authentication. An attacker can use this flaw to crash the process used to handle TLS client authentication...

7.5CVSS8.4AI score0.20457EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/30 10:17 p.m.35 views

Security Bulletin: Vulnerabilities in Node.js affect IBM Spectrum Protect Plus (CVE-2019-15606, CVE-2019-15604, CVE-2019-15605, CVE-2019-9511, CVE-2019-9516, CVE-2019-9512, CVE-2019-9517, CVE-2019-9518, CVE-2019-9515, CVE-2019-9513, CVE-2019-9514)

Summary There are multiple vulnerabilities in Node.js that affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-15606 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an issue when HTTP header values do not have trailing OWS trimmed...

9.8CVSS1.2AI score0.87806EPSS
Exploits3Affected Software1
Rows per page
Query Builder