Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2011-3965

Malware in sbrugna...

9.3CVSS6.4AI score0.00331EPSS
Exploits0References3
Microsoft CVE
Microsoft CVEadded 2023/10/23 7:0 a.m.3 views

When the Node.js policy feature checks the integrity of a resource against a trusted manifest the application can intercept the operation and return a forged checksum to the node's policy implementation thus effectively disabling the integrity check. Impacts: This vulnerability affects all users using the experimental policy mechanism in all active release lines: 18.x and 20.x. Please note that at the time this CVE was issued the policy mechanism is an experimental feature of Node.js.

...

7.5CVSS7AI score0.00397EPSS
Exploits0
Prion
Prionadded 2023/10/18 4:15 a.m.24 views

Design/Logic Flaw

When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check. Impacts: This vulnerability affects all user...

5CVSS7.2AI score0.00397EPSS
Exploits0References8Affected Software2
Vulnrichment
Vulnrichmentadded 2023/10/18 3:55 a.m.25 views

CVE-2023-38552

When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check. Impacts: This vulnerability affects all user...

7AI score0.00397EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2023/10/18 3:55 a.m.27 views

CVE-2023-38552

When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check. Impacts: This vulnerability affects all user...

7.5CVSS7.3AI score0.00397EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2023/10/17 12:0 a.m.7 views

PT-2023-6457 · Node.Js +6 · Node.Js +6

Name of the Vulnerable Software and Affected Versions: Node.js versions 18.x through 20.x Description: The issue arises when the Node.js policy feature checks the integrity of a resource against a trusted manifest. An application can intercept this operation and return a forged checksum to the...

9.8CVSS6.5AI score0.94395EPSS
Exploits22References175
RedhatCVE
RedhatCVEadded 2023/10/16 4:49 p.m.48 views

CVE-2023-38552

When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to node's policy implementation, thus effectively disabling the integrity check...

7.5CVSS6.9AI score0.00397EPSS
Exploits0References3
Microsoft CVE
Microsoft CVEadded 2023/08/21 7:0 a.m.2 views

The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x 18.x and 20.x. Please note that at the time this CVE was issued the policy is an experimental feature of Node.js.

...

8.8CVSS7.4AI score0.00074EPSS
Exploits0
Rows per page
Query Builder