Lucene search
K

5 matches found

CVE
CVE
added yesterday8 views

CVE-2026-15921

The CVE-2026-15921 issue affects Node Version Manager (nvm) up to v0.40.5, where nvm ls-remote and similar commands parse the mirror index.tab and use each LTS codename as an alias filename without validation. A malicious mirror can return path-traversal codenames (e.g., ../../../.bashrc), causin...

3.1CVSS6.4AI score
Exploits0References2
Cvelist
Cvelist
added yesterday10 views

CVE-2026-15921 nvm path traversal via a malicious mirror's LTS codename writes outside the alias directory

Node Version Manager nvm is a POSIX-compliant shell function for managing multiple node.js versions. In versions 0.32.1 through 0.40.5, nvm ls-remote and other commands that refresh remote LTS aliases, such as nvm install --lts parse the node.js mirror's index.tab and use each release's LTS...

3.1CVSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/02/01 12:0 a.m.61 views

FreeBSD : Gitlab -- Multiple vulnerabilities (467b7cbe-257d-11e9-8573-001b217b3468)

Gitlab reports : Remote Command Execution via GitLab Pages Covert Redirect to Steal GitHub/Bitbucket Tokens Remote Mirror Branches Leaked by Git Transfer Refs Denial of Service with Markdown Guests Can View List of Group Merge Requests Guest Can View Merge Request Titles via System Notes Persiste...

9.8CVSS6.5AI score0.05471EPSS
Exploits17References26
NVD
NVD
added 2015/10/09 2:59 p.m.26 views

CVE-2015-1337

Simple Streams simplestreams does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 aka Forbidden response...

6.8CVSS6.9AI score0.01709EPSS
Exploits1References3
CVE
CVE
added 2015/10/09 2:0 p.m.57 views

CVE-2015-1337

CVE-2015-1337 affects Simple Streams (simplestreams): the code path that verifies GPG signatures of disk image files is flawed, enabling a remote attacker to spoof disk images and trigger a 403 response. The issue is documented in multiple sources (Ubuntu USN-2746-1 and related CVE records). Miti...

6.8CVSS7.1AI score0.01709EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder