CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

SUSE CVE•added 2023/02/15 5:12 a.m.•1 views

SUSE CVE-2015-8315

The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.8CVSS6.8AI score0.00779EPSS

Exploits1References3

OSSF Malicious Packages•added 2022/10/05 12:26 a.m.•2 views

Malicious code in graphql-ms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1579df6eb121dfcca4111c8ed7ad074f1b52d4847ad652e6b9cb71cea45015b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

OSSF Malicious Packages•added 2022/08/19 3:55 a.m.•2 views

Malicious code in rpety-ms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a861356d1e3f8e163562836f71abd647ac225b55c790db1ec223853ec5979a29 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

OSSF Malicious Packages•added 2022/07/08 12:2 p.m.•1 views

Malicious code in small-ms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96bee317ebf983fc6131797932fc73436c62f4f95f0e963ae3622f7ab4647851 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

OSSF Malicious Packages•added 2022/06/08 8:43 a.m.•1 views

Malicious code in stripe-ms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6768625a605caa8f499ca468486f47122cb94054148e3489c677ca9fb25edc28 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

Prion•added 2017/01/23 9:59 p.m.•19 views

Design/Logic Flaw

The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.8CVSS6.8AI score0.00779EPSS

Exploits1References4Affected Software1

CVE•added 2017/01/23 9:0 p.m.•95 views

CVE-2015-8315

The Node.js ms module is vulnerable to a regular expression denial of service (ReDoS) when parsing extremely long version strings. This affects versions before 0.7.1 and can cause CPU exhaustion, potentially degrading availability. Multiple sources (NVD entry CVE-2015-8315 and OSS/NVD mirrors, np...

7.8CVSS7.2AI score0.00779EPSS

Exploits1References4Affected Software1

Debian CVE•added 2017/01/23 9:0 p.m.•24 views

CVE-2015-8315

The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.8CVSS7.4AI score0.00779EPSS

Exploits1

Node.js•added 2015/10/24 4:6 p.m.•21 views

Regular Expression Denial of Service

Overview Versions of ms prior to 0.7.1 are affected by a regular expression denial of service vulnerability when extremely long version strings are parsed. Proof of Concept javascript var ms = require'ms'; var genstr = function len, chr var result = ""; for i=0; i=len; i++ result = result + chr;...

7.8CVSS2.7AI score0.00779EPSS

Exploits1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by