Lucene search
+L

38 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:39 a.m.96 views

Security Bulletin: Multiple vulnerabilities in IBM Rapid Infrastructure Automation

Summary Multiple vulnerabilities were addressed in IBM Rapid Infrastructure Automation v1.1.5 Vulnerability Details CVEID:CVE-2024-47875 DESCRIPTION: DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This...

10CVSS10AI score0.06975EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/01 2:54 p.m.61 views

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

9.8CVSS9.6AI score0.06031EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/31 2:57 p.m.55 views

Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-27290 DESCRIPTION: Node.js ssri...

9.8CVSS1.3AI score0.37286EPSS
Exploits16Affected Software1
OpenVAS
OpenVAS
added 2022/05/18 12:0 a.m.24 views

openSUSE: Security Advisory for nodejs10 (SUSE-SU-2022:1717-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.21514EPSS
Exploits6References2
OSV
OSV
added 2022/05/17 3:43 p.m.11 views

SUSE-SU-2022:1717-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite bsc1191963. - CVE-2021-32804: Fixed...

9.8CVSS8.3AI score0.21514EPSS
Exploits6References19
Tenable Nessus
Tenable Nessus
added 2022/03/05 12:0 a.m.47 views

openSUSE 15 Security Update : nodejs8 (openSUSE-SU-2022:0704-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0704-1 advisory. - All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and...

9.8CVSS7.3AI score0.15014EPSS
Exploits4References16
Tenable Nessus
Tenable Nessus
added 2022/03/05 12:0 a.m.45 views

SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2022:0704-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0704-1 advisory. - All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, a...

9.8CVSS7.4AI score0.15014EPSS
Exploits4References16
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.38 views

openSUSE: Security Advisory for nodejs14 (openSUSE-SU-2022:0715-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.2AI score0.15014EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.31 views

openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2022:0704-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.2AI score0.15014EPSS
Exploits4References2
OPENSUSE Linux
OPENSUSE Linux
added 2022/03/04 12:0 a.m.93 views

Security update for nodejs8 (important)

openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2022:0704-1 Rating: important References: 1191962 1191963 1192153 1192154 1192696 Cross-References: CVE-2021-23343 CVE-2021-32803 CVE-2021-32804 CVE-2021-3807 CVE-2021-3918 CVSS scores: CVE-2021-23343 NVD : 7.5...

8.1CVSS9.1AI score0.15014EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2022/03/04 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:0704-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.15014EPSS
Exploits4References8
OpenVAS
OpenVAS
added 2022/03/03 12:0 a.m.23 views

openSUSE: Security Advisory for nodejs12 (openSUSE-SU-2022:0657-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.2AI score0.15014EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/03/02 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2022:0657-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.15014EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2022/02/25 12:0 a.m.47 views

SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2022:0570-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0570-1 advisory. - All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, a...

9.8CVSS6.9AI score0.21514EPSS
Exploits4References19
OpenVAS
OpenVAS
added 2022/02/25 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2022:0570-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.21514EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/02/25 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2022:0563-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.15014EPSS
Exploits4References8
OSV
OSV
added 2022/02/24 9:35 a.m.12 views

SUSE-SU-2022:0570-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite bsc1191963. - CVE-2021-32804: Fixed...

9.8CVSS8.8AI score0.21514EPSS
Exploits4References13
OSV
OSV
added 2022/02/24 9:35 a.m.15 views

SUSE-SU-2022:0569-1 Security update for nodejs14

This update for nodejs14 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite bsc1191963. - CVE-2021-32804: Fixed...

9.8CVSS8.7AI score0.15014EPSS
Exploits4References11
OpenVAS
OpenVAS
added 2022/02/22 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2022:0531-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.15014EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.69 views

Rocky Linux 8 : nodejs:14 (RLSA-2021:3666)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3666 advisory. - Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host...

9.8CVSS7.2AI score0.37286EPSS
Exploits5References18
Rows per page
Query Builder