
4303 matches found

Kitploit
added 2019/05/17 12:55 p.m., 289 views

Project iKy - Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface

Project iKy is a tool that collects information from an email and shows results in a nice visual interface. Visit the Gitlab Page of the Project Project First of all we want to advise you that we have changed the Frontend from AngularJS to Angular 7. For this reason we left the project with...

AI score 7.1
Exploits: 0, References: 2

NVD
added 2019/05/13 3:29 p.m., 9 views

CVE-2019-12047

Gridea v0.8.0 has an XSS vulnerability through which the Nodejs module can be called to achieve arbitrary code execution, as demonstrated by child_process.exec and the "img src= onerror='evalnew Buffer" substring...

CVSS 6.1, AI score 6.3, EPSS 0.00427
Exploits: 1, References: 1

OSV
added 2019/05/13 3:29 p.m., 10 views

CVE-2019-12047

Gridea v0.8.0 has an XSS vulnerability through which the Nodejs module can be called to achieve arbitrary code execution, as demonstrated by child_process.exec and the "img src= onerror='evalnew Buffer" substring...

CVSS 6.1, AI score 6.5
Exploits: 0, References: 1

Prion
added 2019/05/13 3:29 p.m., 14 views

Design/Logic Flaw

Gridea v0.8.0 has an XSS vulnerability through which the Nodejs module can be called to achieve arbitrary code execution, as demonstrated by child_process.exec and the "img src= onerror='evalnew Buffer" substring...

CVSS 4.3, AI score 6.2, EPSS 0.00427
Exploits: 1, References: 1, Affected Software: 1

OSV
added 2019/05/13 2:29 p.m., 0 views

CVE-2018-18524

Evernote 6.15 on Windows has an incorrectly repaired stored XSS vulnerability. An attacker can use this XSS issue to inject Node.js code under Present mode. After a victim opens an affected note under Present mode, the attacker can read the victim's files and achieve remote execution command on t...

CVSS 6.1, AI score 6
Exploits: 0, References: 2

CVE
added 2019/05/13 2:21 p.m., 31 views

CVE-2019-12047

CVE-2019-12047 affects Gridea v0.8.0 with an XSS flaw that allows an attacker to trigger arbitrary code execution by invoking a Node.js module (e.g., via child_process.exec) from crafted input, demonstrated by an onerror payload. The issue is caused by insufficient input sanitization leading to ...

CVSS 6.1, AI score 6.2, EPSS 0.00427
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2019/05/13 2:21 p.m., 8 views

CVE-2019-12047

Gridea v0.8.0 has an XSS vulnerability through which the Nodejs module can be called to achieve arbitrary code execution, as demonstrated by child_process.exec and the "img src= onerror='evalnew Buffer" substring...

AI score 6.3, EPSS 0.00427
Exploits: 1, References: 1

OpenVAS
added 2019/05/07 12:0 a.m., 65 views

Fedora Update for nodejs-simple-markdown FEDORA-2019-36ce1cb623

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 6.1, AI score 6.3, EPSS 0.0036
Exploits: 0, References: 2

Tenable Nessus
added 2019/05/02 12:0 a.m., 24 views

Fedora 30 : nodejs-simple-markdown (2019-bce274cbf6)

Update to latest upstream release, fix CVE-2019-9844 rhbz1695304, Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

CVSS 6.1, AI score 6.1, EPSS 0.0036
Exploits: 0, References: 2

Tenable Nessus
added 2019/05/02 12:0 a.m., 16 views

Fedora 30 : nodejs-handlebars (2019-c1213f866c)

Security fix for https://www.npmjs.com/advisories/755 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

AI score 5.5
Exploits: 0, References: 2

OpenVAS
added 2019/04/17 12:0 a.m., 20 views

Fedora Update for nodejs-simple-markdown FEDORA-2019-8e7c71f45b

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 6.1, AI score 6.3, EPSS 0.0036
Exploits: 0, References: 2

Tenable Nessus
added 2019/04/15 12:0 a.m., 29 views

Fedora 29 : nodejs-simple-markdown (2019-36ce1cb623)

Update to latest upstream release, fix CVE-2019-9844 rhbz1695304, Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

CVSS 6.1, AI score 6.1, EPSS 0.0036
Exploits: 0, References: 2

Tenable Nessus
added 2019/04/15 12:0 a.m., 25 views

Fedora 28 : nodejs-simple-markdown (2019-8e7c71f45b)

Update to latest upstream release, fix CVE-2019-9844 rhbz1695304, Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

CVSS 6.1, AI score 6.1, EPSS 0.0036
Exploits: 0, References: 2

Fedora
added 2019/04/13 3:34 p.m., 19 views

[SECURITY] Fedora 29 Update: nodejs-simple-markdown-0.4.4-1.fc29

simple-markdown is a markdown-like parser designed for simplicity and extensibility...

CVSS 6.1, AI score 3.3, EPSS 0.0036
Exploits: 0

Hacker One
added 2019/04/09 3:23 p.m., 16 views

Node.js third-party modules: Server Side JavaScript Code Injection

I would like to report a Service Side JavaScript Code Injection in fastify. It allows an attacker that can control a single property name in the serialization schema to achieve Remote Command Execution in the context of the web server. Module module name: fastify version: 2.2.0 npm page:...

AI score 8.2
Exploits: 0

Fedora
added 2019/04/09 12:5 a.m., 26 views

[SECURITY] Fedora 30 Update: nodejs-simple-markdown-0.4.4-1.fc30

simple-markdown is a markdown-like parser designed for simplicity and extensibility...

CVSS 6.1, AI score 3.3, EPSS 0.0036
Exploits: 0

OSV
added 2019/04/07 12:29 a.m., 6 views

AZL-41949 CVE-2019-10906 affecting package nodejs for versions less than 20.14.0-1

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape...

CVSS 8.6, AI score 6.9, EPSS 0.02334
Exploits: 1, References: 1

OSV
added 2019/03/29 5:3 p.m., 4 views

SUSE-SU-2019:0818-1 Security update for nodejs6

This update for nodejs6 to version 6.17.0 fixes the following issues: Security issues fixed: - CVE-2019-5739: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active bsc1127533. - CVE-2019-5737: Fixed a potentially attack vector which could lea...

CVSS 7.5, AI score 5.5, EPSS 0.26351
Exploits: 0, References: 7

Imperva Blog
added 2019/03/28 3:56 p.m., 53 views

Enhance Imperva Cloud WAF with a New Management Tool in the Imperva GitHub

Imperva recently launched the Imperva GitHub where our global community can access tools, code repositories and other neat resources that aid collaboration and streamline development. The nice thing about these tools is that you can clone them and customize them with whatever functionality you...

AI score 0.3
Exploits: 0

OSV
added 2019/03/23 10:49 a.m., 6 views

OPENSUSE-SU-2019:0089-1 Security update for nodejs8

This update for nodejs8 to version 8.15.0 fixes the following issues: Security issues fixed: - CVE-2018-12121: Fixed a Denial of Service with large HTTP headers bsc1117626 - CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service bsc1117627 - CVE-2018-12116: Fixed HTTP request splitting...

CVSS 7.5, AI score 6, EPSS 0.05572
Exploits: 0, References: 9