Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-37372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtl...

3.6CVSS7.1AI score0.00477EPSS
Exploits0References2
Chainguard
Chainguard
added 2025/05/22 7:15 p.m.17 views

CVE-2024-37372 vulnerabilities

Vulnerabilities for packages: nodejs...

3.6CVSS5.8AI score0.00477EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.6 views

openSUSE Security Advisory (SUSE-SU-2024:2574-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.6AI score0.01387EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.8 views

openSUSE Security Advisory (SUSE-SU-2024:2543-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.6AI score0.01387EPSS
Exploits0References8
NVD
NVD
added 2025/01/09 1:15 a.m.14 views

CVE-2024-37372

The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases...

3.6CVSS0.00477EPSS
Exploits0References3
OSV
OSV
added 2025/01/09 1:15 a.m.21 views

CVE-2024-37372

The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases...

5.3AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/01/09 1:15 a.m.26 views

CVE-2024-37372

The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases...

3.6CVSS6.7AI score0.00477EPSS
Exploits0References2
OSV
OSV
added 2025/01/09 1:15 a.m.3 views

UBUNTU-CVE-2024-37372

The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases...

3.6CVSS6.6AI score0.00477EPSS
Exploits0References3
Circl
Circl
added 2025/01/09 1:11 a.m.5 views

CVE-2024-37372

creationtimestamp| type| source ---|---|--- 2025-01-09 01:11:49+00:00| seen| https://infosec.exchange/users/cve/statuses/113795734498923692 2025-01-09 01:15:23+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/870 2025-01-09 01:15:58+00:00| seen|...

3.6CVSS6.1AI score0.00477EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/01/09 12:33 a.m.8 views

CVE-2024-37372

The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases...

3.6CVSS6.6AI score0.00477EPSS
Exploits0References2
CVE
CVE
added 2025/01/09 12:33 a.m.218 views

CVE-2024-37372

The CVE-2024-37372 entry concerns Node.js and the experimental permission model. The root cause is a faulty assumption in UNC path handling: the model treats paths starting with two backslashes as having a four-character prefix that can be ignored, which is not universally true. This leads to vul...

3.6CVSS6.8AI score0.00477EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/01/09 12:33 a.m.28 views

CVE-2024-37372

The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases...

3.6CVSS6.2AI score0.00477EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/08/29 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2024-0282)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.4AI score0.01104EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.32 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs20 (SUSE-SU-2024:2574-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2574-1 advisory. Update to 20.15.1: - CVE-2024-36138: Fixed CVE-2024-27980 fix bypass bsc1227560 - CVE-2024-22020: Fixed a bypass of...

8.1CVSS7AI score0.01387EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2024/07/18 12:0 a.m.26 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs20 (SUSE-SU-2024:2543-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2543-1 advisory. Update to 20.15.1: - CVE-2024-36138: Fixed CVE-2024-27980 fix bypass bsc1227560 - CVE-2024-22020: Fixed a bypass of...

8.1CVSS7AI score0.01387EPSS
Exploits0References18
OpenVAS
OpenVAS
added 2024/07/09 12:0 a.m.22 views

Node.js 20.x < 20.15.1, 21.x < 22.4.1 Multiple Vulnerabilities - Windows

Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...

3.6CVSS6.1AI score0.00477EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/07/09 12:0 a.m.21 views

Node.js 20.x < 20.15.1, 21.x < 22.4.1 Multiple Vulnerabilities - Mac OS X

Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...

3.6CVSS7.3AI score0.00477EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/07/08 12:0 a.m.248 views

Node.js 18.x < 18.20.4 / 20.x < 20.15.1 / 22.x < 22.4.1 Multiple Vulnerabilities (Monday, July 8, 2024 Security Releases).

The version of Node.js installed on the remote host is prior to 18.20.4, 20.15.1, 22.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the Monday, July 8, 2024 Security Releases advisory. - The CVE-2024-27980 was identified as an incomplete fix for the BatBadBut...

8.1CVSS7.9AI score0.01387EPSS
Exploits0References6
Rows per page
Query Builder