Lucene search
+L

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: nodejs (CVE-2025-23165)

The version of nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23165 advisory. - In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a UTF-1...

3.7CVSS5.8AI score0.0048EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/11 11:41 a.m.15 views

Security Bulletin: Multiple vulnerabilities in NodeJS affect IBM Business Automation Workflow Configuration Editor

Summary IBM Business Automation Workflow Configuration Editor packages a vulnerable version of the NodeJS runtime and a vulnerable module. Vulnerability Details CVEID:CVE-2025-23165 DESCRIPTION: In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a...

7.5CVSS6.5AI score0.09752EPSS
Exploits6Affected Software2
Chainguard
Chainguard
added 2025/09/10 1:36 p.m.7 views

CVE-2025-23165 vulnerabilities

Vulnerabilities for packages: nodejs...

3.7CVSS7AI score0.0048EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/07/10 3:9 p.m.9 views

CVE-2025-23165 affecting package nodejs for versions less than 20.14.0-9

CVE-2025-23165 affecting package nodejs for versions less than 20.14.0-9. A patched version of the package is available...

3.7CVSS7.3AI score0.0048EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2025/07/05 12:0 a.m.6 views

corepack22-22.15.1-1.1 on GA media (moderate)

corepack22-22.15.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15250-1 Rating: moderate Cross-References: CVE-2025-23165 CVE-2025-23166 CVSS scores: CVE-2025-23165 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-23165 SUSE : 6.3...

8.2CVSS7.4AI score0.00763EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/27 12:0 a.m.4 views

SUSE SLES15 Security Update : nodejs22 (SUSE-SU-2025:01879-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01879-1 advisory. Update to version 22.15.1. Security issues fixed: - CVE-2025-23166: remotely triggerable process crash due to improper error...

7.5CVSS6.9AI score0.00763EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/06/27 12:0 a.m.3 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs22 (SUSE-SU-2025:01878-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01878-1 advisory. Update to version 22.15.1. Security issues fixed: - CVE-2025-23166: remotely triggerable process crash due to improp...

7.5CVSS6.9AI score0.00763EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/06/26 12:0 a.m.3 views

SUSE SLES15 Security Update : nodejs20 (SUSE-SU-2025:02039-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02039-1 advisory. Update to 20.19.2: - CVE-2025-23166: improper error handling in async cryptographic operations crashes process bsc1243218. -...

7.5CVSS6.9AI score0.00763EPSS
Exploits1References11
OpenVAS
OpenVAS
added 2025/06/23 12:0 a.m.3 views

openSUSE Security Advisory (SUSE-SU-2025:02045-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.00763EPSS
Exploits1References7
OSV
OSV
added 2025/06/20 9:40 a.m.2 views

SUSE-SU-2025:02039-1 Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.19.2: - CVE-2025-23166: improper error handling in async cryptographic operations crashes process bsc1243218. - CVE-2025-23167: improper HTTP header block termination in llhttp bsc1243220. - CVE-2025-23165: add missing call to...

7.5CVSS6.9AI score0.00763EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2025/06/13 12:0 a.m.7 views

openSUSE Security Advisory (SUSE-SU-2025:01878-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.00763EPSS
Exploits0References7
SUSE Linux
SUSE Linux
added 2025/06/11 5:41 a.m.0 views

Security update for nodejs22

This update for nodejs22 fixes the following issues: Update to version 22.15.1. Security issues fixed: CVE-2025-23166: remotely triggerable process crash due to improper error handling in async cryptographic operations bsc1243218. CVE-2025-23165: memory leak and unbounded memory growth due to...

8.2CVSS6.6AI score0.00763EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2025/05/28 12:0 a.m.9 views

Fedora 41 : nodejs20 (2025-0c2b7a8f32)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-0c2b7a8f32 advisory. Update to 20.19.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

7.5CVSS6.9AI score0.00763EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/05/28 12:0 a.m.7 views

Fedora 41 : nodejs22 (2025-61ad6e65b3)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-61ad6e65b3 advisory. Update to version 22.15.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

7.5CVSS6.9AI score0.00763EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/05/28 12:0 a.m.5 views

Fedora: Security Advisory (FEDORA-2025-f4cee58e97)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.00763EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2025/05/28 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2025-0c2b7a8f32)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.00763EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.13 views

Mageia: Security Advisory (MGASA-2025-0161)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.00763EPSS
Exploits1References4
OSV
OSV
added 2025/05/23 1:59 p.m.5 views

OESA-2025-1534 nodejs security update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

7.5CVSS6.9AI score0.00763EPSS
Exploits0References3
OSV
OSV
added 2025/05/23 1:59 p.m.4 views

OESA-2025-1533 nodejs security update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

7.5CVSS6.9AI score0.00763EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/05/23 12:0 a.m.7 views

Node.js < 20.19.2, 22.x < 22.15.1 DoS Vulnerability - Windows

Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

3.7CVSS5.7AI score0.0048EPSS
Exploits0References2
Rows per page
Query Builder