CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

IBM Security Bulletins•added 2023/08/14 7:58 p.m.•32 views

Security Bulletin: Vulnerabilities in Node.js modules affect IBM Voice Gateway

Summary Security Vulnerabilities in Node.js modules affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-36665 DESCRIPTION: protobuf.js could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution. By...

9.8CVSS9.2AI score0.01688EPSS

Exploits2Affected Software1

OSV•added 2023/06/21 5:15 a.m.•1 views

DEBIAN-CVE-2022-25883

Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrusted user data is provided as a range...

7.5CVSS6.5AI score0.00598EPSS

Exploits1References1

NVD•added 2023/06/21 5:15 a.m.•24 views

CVE-2022-25883

Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrusted user data is provided as a range...

7.5CVSS7.2AI score0.00598EPSS

Exploits1References7

Vulnrichment•added 2023/06/21 5:0 a.m.•12 views

CVE-2022-25883

Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrusted user data is provided as a range...

5.3CVSS6.8AI score0.00598EPSS

Exploits1References6

SUSE CVE•added 2023/02/15 5:10 a.m.•1 views

SUSE CVE-2015-8855

The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.8CVSS6.8AI score0.01092EPSS

Exploits0References3

Snyk•added 2023/01/25 4:0 p.m.•1 views

Regular Expression Denial of Service (ReDoS)

Overview semver is a semantic version parser used by npm. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrusted user data is provided as a range. PoC js const semver = require'semver' const lengths2 = 2000, 4000,...

7.5CVSS6.8AI score0.00598EPSS

Exploits1References2

OSV•added 2017/01/23 9:59 p.m.•3 views

CVE-2015-8855

The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.5CVSS7.3AI score

Exploits0References5

NVD•added 2017/01/23 9:59 p.m.•8 views

CVE-2015-8855

The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.8CVSS7.3AI score0.01092EPSS

Exploits0References3

OSV•added 2017/01/23 9:59 p.m.•1 views

DEBIAN-CVE-2015-8855

The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.5CVSS6.7AI score0.01092EPSS

Exploits0References1

UbuntuCve•added 2017/01/23 9:59 p.m.•17 views

CVE-2015-8855

The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.8CVSS7.1AI score0.01092EPSS

Exploits0References4

Cvelist•added 2017/01/23 9:0 p.m.•13 views

CVE-2015-8855

The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service CPU consumption via a long version string, aka a "regular expression denial of service ReDoS."...

7.3AI score0.01092EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by