GHSA-5RWJ-J5M3-3CHJ Missing Release of Memory after Effective Lifetime in detect-character-encoding

Impact In detect-character-encoding v0.3.0 and earlier, allocated memory is not released. Patches The problem has been patched in detect-character-encoding v0.3.1. CVSS score CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/RL:O/RC:C Base Score: 7.5 High Temporal Score: 7.2 High Since...

CVE-2021-39157

detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in detect-character-encoding v0.7.0. No workaround are available and all...

CVE-2021-39157 Improper Handling of Exceptional Conditions in detect-character-encoding

detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in detect-character-encoding v0.7.0. No workaround are available and all...

Improper Handling of Unexpected Data Type in ced

Impact In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. Patches The problem has been patched in ced v1.0.0. You can upgrade from v0.1.0 without any breaking changes. Workarounds Before passing an argument to ced, verify it’s a Buffer using Buffer.isBufferob...

GHSA-27WQ-QX3Q-FXM9 Improper Handling of Unexpected Data Type in ced

Impact In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. Patches The problem has been patched in ced v1.0.0. You can upgrade from v0.1.0 without any breaking changes. Workarounds Before passing an argument to ced, verify it’s a Buffer using Buffer.isBufferob...

CVE-2019-13030

eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a...

Improper access control

eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a...

CVE-2019-13030

eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a...

CVE-2017-16025

Nes is a websocket extension library for hapi. Hapi is a webserver framework. Versions below and including 6.4.0 have a denial of service vulnerability via an invalid Cookie header. This is only present when websocket authentication is set to cookie. Submitting an invalid cookie on the websocket...