1558 matches found
CVE-2018-16081
Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system without file access permission via a crafted Chrome Extension...
UBUNTU-CVE-2018-6139
Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension...
CVE-2018-16081
Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system without file access permission via a crafted Chrome Extension...
CVE-2018-6140
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension...
UBUNTU-CVE-2018-6140
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension...
Design/Logic Flaw
Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system without file access permission via a crafted Chrome Extension...
CVE-2018-16081
Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system without file access permission via a crafted Chrome Extension...
CVE-2018-6140
Removed by vendor...
CVE-2018-6140
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension...
SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2017:0855-1)
This update for nodejs4 fixes the following issues : - New upstream LTS release 4.7.3 The embedded openssl sources were updated to 1.0.2k CVE-2017-3731, CVE-2017-3732, CVE-2016-7055, bsc1022085, bsc1022086, bsc1009528 - No changes in LTS version 4.7.2 - New upstream LTS release 4.7.1 - build:...
Node.js Multiple Vulnerabilities (November 2018 Security Releases)
The version of Node.js installed on the remote host is 6.x prior to 6.15.0, 8.x prior to 8.14.0 or 10.x prior to 10.14.0 or 11.x prior to 11.3.0. It is, therefore, affected by multiple vulnerabilities. - OpenSSL Timing vulnerability in DSA signature generation CVE-2018-0734. - OpenSSL Timing...
Razer Cortex Debugger Remote Command Execution Vulnerability
Razer Cortex has a CEF debugger stub enabled by default allowing arbitrary remote command execution. Razer "Cortex" has CEF debugger stub enabled by default allowing arbitrary remote command execution. I was alerted on twitter that the software distributed by Razer for their gaming equipment migh...
Razer Cortex Debugger Remote Command Execution
Razer "Cortex" has CEF debugger stub enabled by default allowing arbitrary remote command execution. I was alerted on twitter that the software distributed by Razer for their gaming equipment might be unsafe, I downloaded the ones I could see online to take a look. I have only looked at "Cortex",...
Cumulative Update 25 for Microsoft Dynamics NAV 2017 (Build 26396)
Cumulative Update 25 for Microsoft Dynamics NAV 2017 Build 26396 This article applies to Microsoft Dynamics NAV 2017 for all countries and all language locales. Overview This cumulative update includes all hotfixes and regulatory features that have been released for Microsoft Dynamics NAV 2017,...
FreeBSD : node.js -- multiple vulnerabilities (2a86f45a-fc3c-11e8-a414-00155d006b02)
Node.js reports : Updates are now available for all active Node.js release lines. These include fixes for the vulnerabilities identified in the initial announcement. They also include upgrades of Node.js 6 and 8 to OpenSSL 1.0.2q, and upgrades of Node.js 10 and 11 to OpenSSL 1.1.0j. We recommend...
Node.js 'debugger' Privilege Escalation Vulnerability - Mac OS X
Node.js is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...
Node.js 'debugger' Privilege Escalation Vulnerability - Windows
Node.js is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...
CVE-2018-12120
Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate...
UBUNTU-CVE-2018-12120
Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate...
DEBIAN-CVE-2018-12120
Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate...