5 matches found
nest 安全漏洞
Nest is a Node.js framework developed by NestJS, designed for building efficient, scalable, and enterprise-level server-side applications using TypeScript/JavaScript. Versions of Nest prior to 11.1.19 contained a security vulnerability. This vulnerability stemmed from the recursive invocation of...
CVE-2025-61730 Handshake messages may be processed at the incorrect encryption level in crypto/tls
During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...
Apple macOS 安全漏洞
Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in macOS, which is caused by a boundary error in Heimdal when processing server messages. The following products and versions are affected: macOS: 11.0 20A2411, 11.0.1 20B29,...
The vulnerability of the Android operating system in the CAF repository exists due to errors in processing incoming 3G NAS messages. This allows a perpetrator to compromise privacy, integrity, and accessibility.
The vulnerability of the Android operating system from the CAF repository is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of incoming 3G NAS messages...
mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages
A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...