Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2026/04/14 1:10 p.m.4 views

JLSEC-2026-99

Deno =1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory...

8.4CVSS7.2AI score0.00128EPSS
Exploits1References4
OSV
OSVadded 2026/04/14 1:10 p.m.1 views

JLSEC-2026-114 Deno node:crypto doesn't finalize cipher

Summary The vulnerability allows an attacker to have infinite encryptions. This can lead to naive attempts at brute forcing, as well as more refined attacks with the goal to learn the server secrets. PoC js import crypto from "node:crypto"; const key = crypto.randomBytes32; const iv =...

9.2CVSS5.8AI score0.0001EPSS
Exploits1References4
OSV
OSVadded 2026/01/16 3:49 p.m.6 views

GHSA-5379-F5HF-W38V Deno node:crypto doesn't finalize cipher

Summary The vulnerability allows an attacker to have infinite encryptions. This can lead to naive attempts at brute forcing, as well as more refined attacks with the goal to learn the server secrets. PoC js import crypto from "node:crypto"; const key = crypto.randomBytes32; const iv =...

9.2CVSS6.8AI score0.0001EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/05/23 9:39 a.m.3 views

CVE-2024-27931

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Insufficient validation of parameters in Deno.makeTemp APIs would allow for creation of files outside of the allowed directories. This may allow the user to overwrite important files on the system that may affect othe...

6.5CVSS6.7AI score0.00287EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:1 a.m.2 views

CVE-2023-28445

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in the wild, as the...

9.9CVSS6.7AI score0.00774EPSS
Exploits0References1
CNNVD
CNNVDadded 2023/05/31 12:0 a.m.1 views

Deno 安全漏洞

Deno is open source a simple , modern and secure JavaScript and TypeScript runtime environment . It uses V8 and is built with Rust. A security vulnerability exists in Deno version 1.34.0, denoruntime version 0.114.0, which stems from an incorrectly checked outbound HTTP request made using the...

9.8CVSS8.3AI score0.00332EPSS
Exploits0References3
CNNVD
CNNVDadded 2023/03/24 12:0 a.m.1 views

Deno 安全漏洞

Deno is open source a simple , modern and secure JavaScript and TypeScript runtime environment . It uses V8 and is built with Rust. A security vulnerability exists in Deno 1.8.0 and earlier versions that exploits a vulnerability that allows a malicious program to clear the first two lines of the...

8.8CVSS8.4AI score0.00469EPSS
Exploits1References4
Rows per page
Query Builder