Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2026/05/27 5:2 a.m.3 views

SUSE CVE-2022-32223

Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine: OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf”...

7.3CVSS6.6AI score0.01732EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/28 7:52 p.m.46 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in Node.js and Spring Data MongoDB

Summary IBM Planning Analytics Workspace is affected by vulnerabilties in Node.js and Spring Data MongoDB CVE-2022-32212, CVE-2022-32213, CVE-2022-32223, CVE-2022-32214, CVE-2022-32222, CVE-2022-32215, CVE-2022-22980 Vulnerability Details CVEID:CVE-2022-32212 DESCRIPTION: Node.js could allow a...

9.8CVSS8.7AI score0.81464EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/14 2:13 p.m.54 views

Security Bulletin: Multiple vulnerabilities due to OpenSSL and Node js which affect IBM App Connect Enterprise and IBM Integration Bus

Summary There are multiple vulnerabilities due to OpenSSL and Node js which affect IBM App Connect Enterprise and IBM Integration Bus CVE-2022-32223, CVE-2022-32213, CVE-2022-32212, CVE-2022-2097,CVE-2022-32214, CVE-2022-32215. The resolving fix includes node js 14.20.0 and openSSL 1.1.1q...

8.1CVSS8.6AI score0.81464EPSS
Exploits4Affected Software2
GithubExploit
GithubExploit
added 2022/10/12 1:24 p.m.7 views

Exploit for Uncontrolled Search Path Element in Nodejs Node.Js

CVE-2022-32223 Source files for generating a demonstration ex...

7.3CVSS6.5AI score0.01732EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/22 7:3 a.m.67 views

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related Java SE and Node

Summary Vulnerabilities in Node and Java SE such as HTTP request smuggling, execution of arbitrary code, gain elevated privileges on the system and unauthorized operations may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-32214 DESCRIPTION: Node.js is vulnerable to HTTP reques...

8.1CVSS8.3AI score0.81464EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/17 12:2 p.m.100 views

Security Bulletin: Multiple vulnerabilities in Node.js may affect IBM Spectrum Protect Plus (CVE-2022-32223, CVE-2022-32215, CVE-2022-33987, CVE-2022-32213, CVE-2022-32212, CVE-2022-32222, CVE-2022-32214)

Summary Vulnerabilities in Node.js such as elevation of privileges, HTTP request smuggling, bypassing security restrictions, and execution of arbitrary code may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID:CVE-2022-32223 DESCRIPTION: Node.js could allow a local attacker to gain...

8.1CVSS8.3AI score0.81464EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/10 4:27 p.m.75 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities with details below Vulnerability Details CVEID:CVE-2022-32212 DESCRIPTION: Node.js could allow a remote attacker to execute arbitrary code on the system, caused by the...

8.1CVSS8.4AI score0.81464EPSS
Exploits5Affected Software2
CVE
CVE
added 2022/07/14 2:51 p.m.144 views

CVE-2022-32223

CVE-2022-32223 is a Node.js DLL hijacking issue on Windows. When the system has OpenSSL and an openssl.cnf at C:\Program Files\Common Files\SSL\openssl.cnf, node.exe may search for providers.dll in the user directory and via the Windows DLL search order, enabling a local attacker to place a malic...

7.3CVSS7AI score0.01732EPSS
Exploits1References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/12 6:46 p.m.37 views

Security Bulletin: IBM Answer Retrieval for Watson Discovery is vulnerable to HTTP request smuggling due to NodeJS

Summary NodeJS is used by IBM Answer Retrieval for Watson Discovery. The fix upgrades to NodeJS 14.20.0 Vulnerability Details CVEID: CVE-2022-32212 DESCRIPTION: Node.js could allow a remote attacker to execute arbitrary code on the system, caused by the failure to properly check if an IP address ...

8.1CVSS0.9AI score0.81464EPSS
Exploits5Affected Software1
Node JS Blog
Node JS Blog
added 2022/07/07 12:0 a.m.53 views

July 7th 2022 Security Releases

July 7th 2022 Security Releases Update 07-July-2022 Security releases available Updates are now available for the v18.x, v16.x, and v14.x Node.js release lines for the following issues. HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding MediumCVE-2022-32213 The llhttp parser in the http...

10CVSS7AI score0.81464EPSS
Exploits7
Rows per page
Query Builder