Lucene search
K

61 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.12 views

Alibaba Cloud Linux 3 : 0016: nodejs:14 (ALINUX3-SA-2021:0016)

"The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0016 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-15366: An issue was discovered i...

9.8CVSS7.2AI score0.69062EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.40 views

Rocky Linux 8 : nodejs:12 (RLSA-2020:5499)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:5499 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...

9.8CVSS7.4AI score0.69062EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.35 views

Rocky Linux 8 : nodejs:14 (RLSA-2021:0551)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0551 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...

9.8CVSS7.4AI score0.69062EPSS
Exploits6References15
OSV
OSV
added 2023/08/31 12:14 p.m.1 views

BELL-CVE-2020-7774 CVE-2020-7774 does not affect BellSoft software

Bulletin has no description...

9.8CVSS7.3AI score0.69062EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.56 views

RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:5305)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5305 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.2AI score0.69062EPSS
Exploits2References10
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/28 5:8 p.m.29 views

Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise and IBM Integration Bus (CVE-2020-7774)

Summary IBM App Connect Enterprise and IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2020-7774 DESCRIPTION: Node.js y18n module could allow a remote attacker to execut...

9.8CVSS1.3AI score0.69062EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/01 1:37 p.m.46 views

Security Bulletin: Multiple Vulnerabilities in Node.js affects IBM Netcool Agile Service Manager

Summary Multiple vulnerabilities in Node.js used by IBM Netcool Agile Service Manager have been identified. Netcool Agile Service Manager has addressed these CVEs. Vulnerability Details CVEID: CVE-2021-3450 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused...

9.8CVSS9.8AI score0.77385EPSS
Exploits20Affected Software1
ICS
ICS
added 2022/03/08 12:0 a.m.128 views

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

9.8CVSS8.4AI score0.21952EPSS
Exploits1References11
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2021-0372)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.69062EPSS
Exploits3References11
IBM Security Bulletins
IBM Security Bulletins
added 2021/08/16 3:9 p.m.48 views

Security Bulletin: Prototype pollution flaw in y18n in IBM DataPower Gateway

Summary IBM has addressed the CVE Vulnerability Details CVEID: CVE-2020-7774 DESCRIPTION: Node.js y18n module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially-crafted request, an attacker could exploit this...

9.8CVSS4.1AI score0.69062EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2021/08/11 12:0 a.m.29 views

openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2021:1113-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.1AI score0.69062EPSS
Exploits3References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/08/10 12:0 a.m.335 views

Security update for nodejs8 (important)

openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2021:1113-1 Rating: important References: 1184450 1187976 1187977 Cross-References: CVE-2020-7774 CVE-2021-23362 CVE-2021-27290 CVSS scores: CVE-2020-7774 NVD : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L...

7.5CVSS8.6AI score0.69062EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2021/08/07 12:0 a.m.29 views

openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2021:2618-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.1AI score0.69062EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2021/08/06 12:0 a.m.51 views

SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2021:2618-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2618-1 advisory. - update to npm 6.14.13 - CVE-2021-27290: Fixed ssri Regular Expression Denial of Service. bsc1187976 - CVE-2021-23362: Fixed hosted-git-info...

9.8CVSS6.8AI score0.69062EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2021/08/06 12:0 a.m.52 views

openSUSE 15 Security Update : nodejs8 (openSUSE-SU-2021:2618-1)

"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2618-1 advisory. - This affects the package y18n before 3.2.2, 4.0.1 and 5.0.5. PoC by po6ix: const y18n = require'y18n' %NASLMINLEVEL 70300 C Tenable...

9.8CVSS7AI score0.69062EPSS
Exploits3References10
OpenVAS
OpenVAS
added 2021/08/06 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2021:2618-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.69062EPSS
Exploits3References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/08/05 12:0 a.m.107 views

Security update for nodejs8 (important)

openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2021:2618-1 Rating: important References: 1184450 1187976 1187977 Cross-References: CVE-2020-7774 CVE-2021-23362 CVE-2021-27290 CVSS scores: CVE-2020-7774 NVD : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L...

7.5CVSS8.6AI score0.69062EPSS
Exploits3References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/30 9:10 p.m.73 views

Security Bulletin: Potential vulnerability with Node.js

Summary A potential vulnerability has been identified related to Node.js. Refer to details for additional information. Vulnerability Details CVEID: CVE-2021-3450 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by a a missing check in the validation logic...

9.8CVSS1.5AI score0.69062EPSS
Exploits5Affected Software1
RedHat Linux
RedHat Linux
added 2021/07/27 10:30 p.m.287 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.8.2 bug fix and security update

Red Hat OpenShift Container Platform release 4.8.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a...

9.8CVSS6.8AI score0.95707EPSS
Exploits22References1722
Mageia
Mageia
added 2021/07/25 2:45 p.m.64 views

Updated nodejs packages fix security vulnerabilities

This affects the package y18n before 3.2.2, 4.0.1 and 5.0.5. PoC by po6ix: const y18n = require'y18n'; y18n.setLocale'proto'; y18n.updateLocalepolluted: true; console.logpolluted; // true CVE-2020-7774. The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Servic...

9.8CVSS3.9AI score0.69062EPSS
Exploits3References9
Rows per page
Query Builder