CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4323 matches found

RedHat Linux•added 2022/02/01 9:18 p.m.•0 views

nodejs-ini: Prototype pollution via malicious INI file

A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context...

9.8CVSS7.3AI score0.00291EPSS

Exploits1References4

NCSC•added 2022/02/01 12:0 a.m.•2 views

Vulnerabilities fixed in IBM Spectrum Protect Plus

IBM has fixed vulnerabilities in Spectrum Protect Plus. The vulnerabilities, which include those in the Node.js and PostgreSQL components of the product, allow a malicious party to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data...

8.2CVSS7.3AI score0.00364EPSS

Exploits5

OpenVAS•added 2022/01/28 12:0 a.m.•24 views

Mageia: Security Advisory (MGASA-2021-0592)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.7AI score0.00229EPSS

Exploits2References4

OpenVAS•added 2022/01/28 12:0 a.m.•34 views

Mageia: Security Advisory (MGASA-2019-0277)

8.8CVSS6.9AI score0.26351EPSS

Exploits0References23

OpenVAS•added 2022/01/28 12:0 a.m.•20 views

Mageia: Security Advisory (MGASA-2021-0463)

9.8CVSS7.7AI score0.00718EPSS

Exploits3References7

OpenVAS•added 2022/01/28 12:0 a.m.•29 views

Mageia: Security Advisory (MGASA-2014-0007)

7.5CVSS9.7AI score0.68714EPSS

Exploits3References6

OpenVAS•added 2022/01/28 12:0 a.m.•19 views

Mageia: Security Advisory (MGASA-2020-0230)

9.8CVSS9.6AI score0.00503EPSS

Exploits1References4

OpenVAS•added 2022/01/28 12:0 a.m.•21 views

Mageia: Security Advisory (MGASA-2021-0394)

9.8CVSS9.7AI score0.00323EPSS

Exploits0References4

OpenVAS•added 2022/01/28 12:0 a.m.•35 views

Mageia: Security Advisory (MGASA-2020-0372)

9.8CVSS7.5AI score0.50822EPSS

Exploits4References10

OpenVAS•added 2022/01/28 12:0 a.m.•26 views

Mageia: Security Advisory (MGASA-2021-0170)

5.3CVSS7.4AI score0.00126EPSS

Exploits1References3

OpenVAS•added 2022/01/28 12:0 a.m.•17 views

Mageia: Security Advisory (MGASA-2021-0068)

9.8CVSS9.7AI score0.00291EPSS

Exploits1References4

Kitploit•added 2022/01/26 8:30 p.m.•21 views

Ninjasworkout - Vulnerable NodeJS Web Application

Damn Vulnerable NodeJS Application Quick Start Download the Repo = run npm i Afer Installing all dependency just run the application node app.js or nodemon app.js ADDED BUGS Prototype Pollution No SQL Injection Cross site Scripting Broken Access Control Broken Session Management Weak Regex...

8.8AI score

Exploits0References3

Tenable Nessus•added 2022/01/26 12:0 a.m.•47 views

RHEL 8 : nodejs:14 (RHSA-2022:0246)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0246 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.5AI score0.01262EPSS

Exploits6References21

RedHat Linux•added 2022/01/25 9:28 a.m.•1 views

nodejs-glob-parent: Regular expression denial of service

A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent...

7.5CVSS7.1AI score0.00964EPSS

Exploits1References5

RedHat Linux•added 2022/01/25 9:28 a.m.•0 views

nodejs-ini: Prototype pollution via malicious INI file

9.8CVSS7.3AI score0.00291EPSS

Exploits1References4

RedHat Linux•added 2022/01/25 9:28 a.m.•1 views

nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

A regular expression denial of service ReDoS vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes...

7.8CVSS7.1AI score0.00215EPSS

Exploits1References5

RedHat Linux•added 2022/01/21 7:4 p.m.•70 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.2.6)

An update is now available for OpenShift Logging 5.2.6 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in t...

8.5CVSS7.8AI score0.53591EPSS

Exploits10References4

OpenVAS•added 2022/01/21 12:0 a.m.•28 views

Fedora: Security Advisory for nodejs (FEDORA-2022-78090d2099)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2CVSS7.1AI score0.00364EPSS

Exploits2References2

OpenVAS•added 2022/01/21 12:0 a.m.•27 views

Fedora: Security Advisory for nodejs (FEDORA-2022-0eda327cb4)

7.4CVSS7AI score0.00364EPSS

Exploits2References2

NCSC•added 2022/01/21 12:0 a.m.•1 views

Vulnerabilities fixed in node.js

Vulnerabilities have been fixed in node.js 12, 14 and 16. Due to a flaw in certificate handling, a remote malicious party could remotely could potentially manipulate traffic to an application running on node.js manipulate traffic to gain access to sensitive data. -= Fedora =- Fedora has made...

8.2CVSS7.4AI score0.00364EPSS

Exploits2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by