Lucene search
K

11 matches found

CNNVD
CNNVD
added 2026/01/20 12:0 a.m.9 views

Node.js security vulnerabilities

Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. Versions 20, 22, 24, and 25 of Node.js contain security vulnerabilities. These vulnerabilities stem from flaws in the permission model, which could allow attackers to bypass file system...

9.1CVSS7.1AI score0.01633EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2026/01/09 8:37 a.m.9 views

CVE-2019-11628

An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform installations that lack these patch levels: February 2018 Patch 4, April 2018 Patch 3, June 2018 Patch 3,...

8.2CVSS6.6AI score0.00991EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-3298

Malware in sbrugna...

8.2CVSS7.4AI score0.00991EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-4770

Malware in sbrugna...

6.8CVSS6.1AI score0.01617EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/05/22 2:27 a.m.8 views

CVE-2012-4442

Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check...

4.7CVSS6.7AI score0.00313EPSS
Exploits0References1
NVD
NVD
added 2019/05/01 3:29 a.m.24 views

CVE-2019-11628

An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform installations that lack these patch levels: February 2018 Patch 4, April 2018 Patch 3, June 2018 Patch 3,...

8.2CVSS8.1AI score0.00991EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/05/01 2:7 a.m.23 views

CVE-2019-11628

An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform installations that lack these patch levels: February 2018 Patch 4, April 2018 Patch 3, June 2018 Patch 3,...

8.2CVSS8.1AI score0.00991EPSS
Exploits0References1
CVE
CVE
added 2019/05/01 2:7 a.m.77 views

CVE-2019-11628

The CVE affects QlikView Server (pre-11.20 SR19, 12.00, 12.10 before SR11, 12.20 before SR9, 12.30 before SR2) and Qlik Sense Enterprise / Qlik Analytics Platform installations lacking specific patches (Feb 2018 Patch 4, Apr 2018 Patch 3, Jun 2018 Patch 3, Sep 2018 Patch 4, Nov 2018 Patch 4, or F...

8.2CVSS6.3AI score0.00991EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/12/27 5:8 p.m.1 views

CVE-2017-17876

Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter...

7.5CVSS5.8AI score
Exploits0References1
CVE
CVE
added 2017/12/26 6:0 p.m.113 views

CVE-2017-17876

Biometric Shift Employee Management System 3.0 is affected. The vulnerability lets remote attackers bypass file-read restrictions via a user=download request with a pathname in the path parameter, enabling local file disclosure. This is corroborated by CNVD/NVD entries and Exploit-DB references (...

7.5CVSS7.3AI score0.09542EPSS
Exploits5References1Affected Software1
UbuntuCve
UbuntuCve
added 2012/10/05 9:55 p.m.25 views

CVE-2012-4442

Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check...

4.7CVSS5.9AI score0.00313EPSS
Exploits0References1
Rows per page
Query Builder