Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-66031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge version...

8.7CVSS6.7AI score0.00373EPSS
Exploits0References3
OSV
OSV
added 2025/11/26 11:15 p.m.9 views

AZL-71131 CVE-2025-66030 affecting package reaper for versions less than 3.1.1-21

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be...

6.3CVSS6.2AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2025/11/26 10:23 p.m.5 views

CVE-2025-66031 node-forge ASN.1 Unbounded Recursion

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This...

8.7CVSS6.8AI score0.00373EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/11/26 10:23 p.m.5 views

CVE-2025-66031

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This...

8.7CVSS6AI score0.00373EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 9:42 a.m.7 views

CVE-2024-30248

Piccolo Admin is an admin interface/content management system for Python, built on top of Piccolo. Piccolo's admin panel allows media files to be uploaded. As a default, SVG is an allowed file type for upload. An attacker can upload an SVG which when loaded can allow arbitrary access to the admin...

7.7CVSS6.8AI score0.00493EPSS
Exploits0References1
Rows per page
Query Builder