Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7911 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/16 9:39 p.m.52 views

Security Bulletin: OpenSSL as used in IBM QRadar SIEM is vulnerable to a Denial of Service attack, and Sensitive Information Exposure. (CVE-2015-3194, CVE-2015-3195, CVE-2015-3196)

Summary OpenSSL vulnerabilities announced 12-3-15 this will also cover Node.js which consumes OpenSSL Vulnerability Details CVE-ID: CVE-2015-3194 Description: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference when verifying certificates via a malformed routine. An...

7.5CVSS1.4AI score0.54488EPSS
Exploits1Affected Software1
Fedora
Fedoraadded 2018/06/16 8:20 p.m.15 views

[SECURITY] Fedora 28 Update: nodejs-uri-js-4.2.2-2.fc28

URI.js is an RFC 3986 compliant, scheme extendable URI parsing/validating/resolving library for all JavaScript environments browsers, Node.js, etc...

6.8CVSS4AI score0.00217EPSS
Exploits1
Fedora
Fedoraadded 2018/06/16 8:20 p.m.28 views

[SECURITY] Fedora 28 Update: nodejs-JSV-4.0.2-12.fc28

JSV is a JavaScript implementation of a extendable, fully compliant JSON Schema validator with the following features: The fastest extendable JSON validator available! Complete implementation of all current JSON Schema draft revisions. Supports creating individual environments sandboxes that...

6.8CVSS1.1AI score0.00217EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:8 a.m.29 views

Security Bulletin: IBM API Connect is affected by Node.js tough-cookie module vulnerability to a denial of service (CVE-2016-1000232)

Summary API Connect has addressed the following vulnerability. Node.js tough-cookie module is vulnerable to a denial of service, caused by a regular expression error. By using a sufficiently large HTTP request Cookie header, a remote attacker could exploit this vulnerability to cause the...

5.3CVSS0.9AI score0.00921EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:8 a.m.20 views

Security Bulletin: API Connect is affected by a Node.js denial of service vulnerability (CVE-2017-14919)

Summary IBM API Connect has addressed the following vulnerability. Node.js is vulnerable to a denial of service, caused by an uncaught exception flaw in the zlib module. By making 8 an invalid value for the windowBits parameter, a remote attacker could exploit this vulnerability to cause the...

7.5CVSS1.1AI score0.00556EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:8 a.m.26 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM API Connect (CVE-2017-1000381, CVE-2017-11499)

Summary IBM API Connect has addressed Node.js vulnerabilities involving access to sensitive information and potential denial of service. Vulnerability Details CVEID: CVE-2017-1000381 DESCRIPTION: c-ares could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read...

7.5CVSS1.8AI score0.00545EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:8 a.m.27 views

Security Bulletin: Vulnerability in Node.js affects IBM DataPower Gateways (CVE-2017-11499)

Summary Potential Denial of Service in Node.js. IBM DataPower Gateways has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-11499 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by a flaw related to constant HashTable seeds. A remote attacker could exploit thi...

7.5CVSS2.1AI score0.00545EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:7 a.m.33 views

Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect IBM Business Process Manager (BPM) Configuration Editor

Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Process Manager includes a stand-alone tool for editing configuration properties files that is based IBM SDK for Node.js. Vulnerability Details CVEID: CVE-2017-1000381 DESCRIPTION: c-ares could allow a remot...

7.5CVSS0.8AI score0.00545EPSS
Exploits1Affected Software3
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:7 a.m.40 views

Security Bulletin: Multiple vulnerabilities may affect ASP.NET Core in IBM Bluemix

Summary Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege. Vulnerabilities in Node.js and the c-ares library were disclosed on July 11 2017 by the Node.js Foundation. IBM SDK for Node.js has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-0256...

7.5CVSS7.9AI score0.11122EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:7 a.m.29 views

Security Bulletin: Multiple vulnerabilities in Node.js affects IBM API Connect (CVE-2016-7099, CVE-2016-5325)

Summary IBM API Connect is affected by three vulnerabilities in Node.js CVE-2016-7099, CVE-2016-5325 and one for which a CVE ID was not assigned. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2016-7099 DESCRIPTION: Node.js could allow a remote attacker to bypass security...

6.1CVSS7AI score0.00985EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:6 a.m.20 views

Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect IBM Business Process Manager (BPM) Configuration Editor

Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Process Manager includes a stand-alone tool for editing configuration properties files that is based IBM SDK for Node.js. Vulnerability Details CVEID: CVE-2016-6304 DESCRIPTION: OpenSSL is vulnerable to a...

9.8CVSS1.2AI score0.40993EPSS
Exploits8Affected Software3
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:6 a.m.28 views

Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect IBM Business Process Manager (BPM) Configuration Editor (CVE-2014-9748, CVE-2016-1669)

Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Process Manager includes a stand-alone tool for editing configuration properties files that is based IBM SDK for Node.js. Vulnerability Details CVEID: CVE-2014-9748 DESCRIPTION: libuv, as used in Node.js is...

9.3CVSS0.5AI score0.01626EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:6 a.m.31 views

Security Bulletin: Vulnerabilities in node.js processing affect IBM DataPower Gateways

Summary IBM DataPower Gateways has addressed vulnerabilities in Node.js V8 processing that could cause a denial of service or remote code execution. Vulnerability Details CVEID: CVE-2016-1669 DESCRIPTION: Node.js V8 processing is vulnerable to a buffer overflow, caused by an error in V8. By...

9.3CVSS8AI score0.01626EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:5 a.m.18 views

Security Bulletin: Multiple vulnerabilities in NPM affects IBM API Connect (CVE-2016-3956, CVE-2016-2537, CVE-2016-2515)

Summary IBM API Connect is affected by two ReDoS vulnerabilities in modules included in the Node.js npm tool CVE-2016-2537, CVE-2016-2515 and Node.js Package Manager npm Bearer Token Vulnerability CVE-2016-3956. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2016-2515...

7.8CVSS0.7AI score0.05317EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:5 a.m.54 views

Security Bulletin: Vulnerabilities in IBM SDK for Node.js affect IBM Business Process Manager Configuration Editor

Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Process Manager includes a stand-alone tool for editing configuration properties files that is based IBM SDK for Node.js CVE-2016-2086, CVE-2016-2216, CVE-2015-3197, CVE-2016-0705, CVE-2016-0797,...

10CVSS0.9AI score0.36537EPSS
Exploits2Affected Software3
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:5 a.m.30 views

Security Bulletin: Vulnerability in OpenSSL affects IBM MQ Light (CVE-2015-3197)

Summary OpenSSL vulnerabilities were disclosed on January 28, 2016 by the OpenSSL Project. OpenSSL is used by IBM MQ Light. IBM MQ Light has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3197 DESCRIPTION: OpenSSL could allow a remote attacker to conduct man-in-the-middle...

5.9CVSS1.3AI score0.22185EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:4 a.m.31 views

Security Bulletin: Vulnerabilities in IBM SDK for Node.js affect IBM Business Process Manager Configuration Editor (CVE-2015-8027, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196)

Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Process Manager includes a stand-alone tool for editing configuration properties files that is based IBM SDK for Node.js. Vulnerability Details CVEID: CVE-2015-8027 DESCRIPTION: An unspecified vulnerability ...

7.5CVSS0.8AI score0.54488EPSS
Exploits1Affected Software3
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:4 a.m.34 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM MQ Light (CVE-2015-3193, CVE-2015-3194)

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM MQ Light. IBM MQ Light has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3193 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information...

7.5CVSS1AI score0.54488EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:3 a.m.29 views

Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM MQ Light (CVE-2015-1788, CVE-2015-1789, CVE-2015-4000)

Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by IBM MQ Light. IBM MQ Light has addressed the applicable CVEs. Vulnerability...

7.5CVSS6AI score0.92346EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:2 a.m.31 views

Security Bulletin: Vulnerabilities in IBM SDK for Node.js affect IBM Business Process Manager Configuration Editor (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206)

Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by IBM SDK for Node.js. IBM SDK for Node.js is used by IBM Business Process Manager...

5CVSS0.7AI score0.91945EPSS
Exploits0Affected Software3
Rows per page
Query Builder