Lucene search
+L

48 matches found

BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.4 views

The vulnerability of the minimatch library on the Node.js software platform lies in the use of a regular expression with inefficient computational complexity, which allows attackers to trigger a service failure.

The vulnerability of the minimatch library on the Node.js software platform is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...

7.8CVSS6.5AI score0.00472EPSS
Exploits1References7Affected Software4
Redos
Redos
added 2026/04/01 12:0 a.m.3 views

ROS-20260401-73-0036

A vulnerability in the Node.js software platform is related to an exceptional state handling bug. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.2AI score0.03782EPSS
Exploits0
Redos
Redos
added 2026/04/01 12:0 a.m.8 views

ROS-20260401-73-0035

A vulnerability in the Node.js software platform is related to an exceptional state handling bug. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.2AI score0.03782EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/02/11 12:0 a.m.3 views

The vulnerability of the diff library (jsdiff) in the Node.js software platform, which allows a hacker to cause a service failure.

The vulnerability of the diff library jsdiff in the Node.js software platform is related to an uncontrolled resource consumption during the processing of the parsePatch parameter. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

5.3CVSS5.8AI score0.00562EPSS
Exploits0References6Affected Software3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-2121

Malware in sbrugna...

7.5CVSS7AI score0.01466EPSS
Exploits1References8
Fedora
Fedora
added 2025/05/28 2:33 a.m.21 views

[SECURITY] Fedora 41 Update: nodejs22-22.15.1-1.fc41

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

7.5CVSS7.6AI score0.00763EPSS
Exploits0
Fedora
Fedora
added 2025/05/28 2:33 a.m.10 views

[SECURITY] Fedora 41 Update: nodejs20-20.19.2-1.fc41

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

7.5CVSS7.6AI score0.00763EPSS
Exploits1
Fedora
Fedora
added 2025/05/28 1:56 a.m.10 views

[SECURITY] Fedora 42 Update: nodejs22-22.15.1-1.fc42

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

7.5CVSS7.6AI score0.00763EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:46 p.m.7 views

CVE-2021-32831

Total.js framework npm package total.js is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. In total.js framework before version 3.4.9, calling the utils.set function with user-controlled values leads to code-injection. This c...

7.5CVSS7.4AI score0.01466EPSS
Exploits1References1
Fedora
Fedora
added 2025/05/11 2:31 a.m.10 views

[SECURITY] Fedora 41 Update: nodejs22-22.15.0-2.fc41

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

8.3CVSS6.5AI score0.00577EPSS
Exploits0
Fedora
Fedora
added 2025/05/11 1:43 a.m.11 views

[SECURITY] Fedora 40 Update: nodejs22-22.15.0-2.fc40

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

8.3CVSS6.5AI score0.00577EPSS
Exploits0
Fedora
Fedora
added 2025/05/07 4:0 a.m.30 views

[SECURITY] Fedora 41 Update: nodejs20-20.19.1-1.fc41

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

8.3CVSS6.5AI score0.00577EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.9 views

The vulnerability of the diagnostics_channel utility in the Node.js software platform allows a hacker to bypass established security restrictions.

The vulnerability of the diagnosticschannel utility in the Node.js software platform is related to lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to circumvent established security restrictions...

7.7CVSS6.9AI score0.00413EPSS
Exploits0References6Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.38 views

The vulnerability of the encryption and digital signature verification library in the Node.js software platform xml-crypto is related to deficiencies in the mechanism for verifying cryptographic signatures. This vulnerability allows attackers to enhance their privileges.

The vulnerability of the XML-crypto library and the digital signature verification mechanism in Node.js software platforms is related to deficiencies in the signature verification mechanism. Exploiting this vulnerability could allow a malicious actor to enhance their privileges by sending special...

10CVSS7.7AI score0.09378EPSS
Exploits1References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/13 12:0 a.m.6 views

The vulnerability of the Node.js software platform, related to the lack of memory release after the effective lifespan, allows a hacker to trigger a service failure.

The vulnerability of the Node.js software platform lies in the lack of memory release after the effective lifespan of the application. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

5.3CVSS6.7AI score0.01327EPSS
Exploits0References8Affected Software8
Fedora
Fedora
added 2025/03/01 1:24 a.m.18 views

[SECURITY] Fedora 41 Update: nodejs22-22.14.0-2.fc41

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

7.7CVSS6.9AI score0.00413EPSS
Exploits0
Fedora
Fedora
added 2025/02/01 5:42 a.m.17 views

[SECURITY] Fedora 41 Update: nodejs18-18.20.6-1.fc41

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

5.6CVSS5.6AI score0.01404EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/09/03 2:29 a.m.26 views

Moderate: Red Hat Security Advisory: nodejs:18 security update

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.5CVSS6.6AI score0.01104EPSS
Exploits1References3
AlmaLinux
AlmaLinux
added 2024/09/03 12:0 a.m.41 views

Moderate: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: node-tar: denial of service while parsing a tar file due to lack of folders depth validation CVE-2024-28863 nodejs: Bypass network import...

6.5CVSS6.7AI score0.01104EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2024/06/03 12:0 a.m.6 views

The vulnerability of the setuid() module on the Node.js software platform, which allows a malicious actor to escalate their privileges

The vulnerability of the setuid module in the Node.js software platform is related to context switching errors during privilege escalation. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.3CVSS6.9AI score0.00893EPSS
Exploits0References10Affected Software5
Rows per page
Query Builder