4303 matches found
Fedora 20 : libuv-0.10.34-1.fc20 / nodejs-0.10.36-3.fc20 / v8-3.14.5.10-17.fc20 (2015-2310)
nodejs - tls: re-add 1024-bit SSL certs removed by f9456a2 Chris Dickinson - timers: don't close interval timers when unrefd Julien Gilli - timers: don't mutate unref list while iterating it Julien Gilli - childprocess: check execFile args is an array Sam Roberts - childprocess: check fork args i...
libuv -- incorrect revocation order while relinquishing privileges
Nodejs releases reports: CVE-2015-0278 This may potentially allow an attacker to gain elevated privileges...
Fedora Update for nodejs FEDORA-2015-2310
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 22 Update: compat-libuv010-0.10.34-1.fc22
Compatibility libuv library for nodejs 0.10.x...
Fedora 21 : libuv-0.10.34-1.fc21 / nodejs-0.10.36-3.fc21 / v8-3.14.5.10-17.fc21 (2015-2313)
nodejs - tls: re-add 1024-bit SSL certs removed by f9456a2 Chris Dickinson - timers: don't close interval timers when unrefd Julien Gilli - timers: don't mutate unref list while iterating it Julien Gilli - childprocess: check execFile args is an array Sam Roberts - childprocess: check fork args i...
Fedora Update for nodejs FEDORA-2015-2313
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Javascript Injection For Eval-Based Unpackers
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/jsobfu' class Metasploit3 'Javascript Injection for Eval-based Unpackers', 'Description' = %q This module generates a...
Javascript Injection for Eval-based Unpackers
This module generates a Javascript file that executes arbitrary code when an eval-based unpacker is run on it. Works against js-beautify's PACKER unpacker. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
AZL-45312 CVE-2015-1164 affecting package nodejs-nodemon 2.0.3-5
Open redirect vulnerability in the serve-static plugin before 1.7.2 for Node.js, when mounted at the root, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a // slash slash followed by a domain in the PATHINFO to the default URI...
Fedora Update for nodejs FEDORA-2014-15411
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for nodejs FEDORA-2014-15379
Check the version of nodejs SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868604";...
Fedora 21 : libuv-0.10.29-1.fc21 / nodejs-0.10.33-1.fc21 (2014-15411) (POODLE)
This release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3 by default for the most predominate uses of TLS in Node.js. It took longer than expected to get this release accomplished in a way that would provide appropriate default security settings, while minimizing the surface...
Fedora Update for nodejs FEDORA-2014-15390
Check the version of nodejs SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868601";...
DEBIAN-CVE-2014-7191
The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service memory consumption by using a large index value to create a sparse array...
UBUNTU-CVE-2014-7191
The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service memory consumption by using a large index value to create a sparse array...
DEBIAN-CVE-2014-6394
visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory...
Fedora Update for nodejs-send FEDORA-2014-11421
Check the version of nodejs-send SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868365";...
Fedora Update for nodejs-qs FEDORA-2014-11376
Check the version of nodejs-qs SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868364";...
Fedora Update for nodejs-qs FEDORA-2014-11399
Check the version of nodejs-qs SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868363";...
Fedora Update for nodejs-send FEDORA-2014-11495
Check the version of nodejs-send SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868362";...