Exploit for CVE-2025-69993

Leaflet XSS POC Proof of Concept for CVE-2025-69993 — XSS vul...

CVE-2025-55131 affecting package nodejs18 for versions less than 18.20.3-11

CVE-2025-55131 affecting package nodejs18 for versions less than 18.20.3-11. A patched version of the package is available...

AZL-74973 CVE-2025-59466 affecting package nodejs18 18.20.3-11

We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when asynchooks.createHook is enabled. Instead of reaching process.on'uncaughtException', the process terminates, making the crash unrecoverable. Applications that rely on...

MiracleLinux 8 : nodejs:18 (AXSA:2024-8777:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8777:01 advisory. node-tar: denial of service while parsing a tar file due to lack of folders depth validation CVE-2024-28863 nodejs: Bypass network import restrictio...

MiracleLinux 8 : nodejs:18 (AXSA:2023-6227:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6227:01 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: buffer overflow in configsortlist due to missing string length check CVE-2022-49...

MiracleLinux 8 : nodejs:18 (AXSA:2023-6339:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6339:01 advisory. nodejs: mainModule.proto bypass experimental policy mechanism CVE-2023-30581 nodejs: process interuption due to invalid Public Key information in x5...

MiracleLinux 9 : nodejs:18 (AXSA:2023-6295:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6295:01 advisory. nodejs: mainModule.proto bypass experimental policy mechanism CVE-2023-30581 nodejs: process interuption due to invalid Public Key information in x5...

MiracleLinux 9 : nodejs:18 (AXSA:2023-6463:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6463:01 advisory. nodejs: Permissions policies can be bypassed via Module.load CVE-2023-32002 nodejs-semver: Regular expression denial of service CVE-2022-25883 nodej...

MiracleLinux 9 : nodejs:18 (AXSA:2025-9685:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9685:01 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap CVE-2025-23085 Tenable h...

TencentOS Server 3: nodejs:18 (TSSA-2024:0108)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0108 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

AZL-70559 CVE-2025-13226 affecting package nodejs18 18.20.3-11

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

AZL-70553 CVE-2025-13224 affecting package nodejs18 18.20.3-11

Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2025-5222 affecting package nodejs18 for versions less than 18.20.3-10

CVE-2025-5222 affecting package nodejs18 for versions less than 18.20.3-10. A patched version of the package is available...

AZL-70393 CVE-2025-12433 affecting package nodejs18 18.20.3-11

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

AZL-70039 CVE-2025-12432 affecting package nodejs18 18.20.3-11

Race in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

SUSE SLES12 Security Update : nodejs18 (SUSE-SU-2025:3919-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:3919-1 advisory. - CVE-2025-7783: Switched away from Math.random in boundary values for multipart form-encoded data bsc1246818 Tenable has extracted the preceding...

AZL-69905 CVE-2025-11215 affecting package nodejs18 18.20.3-11

Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

SUSE-SU-2025:3919-1 Security update for nodejs18

This update for nodejs18 fixes the following issues: - CVE-2025-7783: Switched away from Math.random in boundary values for multipart form-encoded data bsc1246818...

Security update for nodejs18

This update for nodejs18 fixes the following issues: CVE-2025-7783: Switched away from Math.random in boundary values for multipart form-encoded data bsc1246818 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVE-2025-5889 affecting package nodejs18 for versions less than 18.20.3-9

CVE-2025-5889 affecting package nodejs18 for versions less than 18.20.3-9. A patched version of the package is available...