Lucene search
K

52 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:10 a.m.5 views

SUSE CVE-2015-8970

crypto/algifskcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AFALG socket before an accept system call is processed, which allows local users to cause a denial of service NULL pointer dereference and system crash via a crafted applicatio...

5.5CVSS7.2AI score0.00504EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.6 views

SUSE CVE-2017-9211

The cryptoskcipherinittfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service NULL pointer dereference via a crafted application...

5.5CVSS7.1AI score0.0039EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:36 a.m.6 views

SUSE CVE-2021-44906

Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...

5.6CVSS7.1AI score0.04581EPSS
Exploits1References13
CNNVD
CNNVD
added 2022/07/05 12:0 a.m.4 views

IBM App Connect Enterprise 资源管理错误漏洞

IBM Integration Bus IBM WebSphere Message Broker and IBM App Connect Enterprise are both products of IBM Corporation, USA.IBM Integration Bus is an Enterprise Service Bus ESB product that provides connectivity and common data transformation for Service Oriented Architecture SOA environments and...

6.2AI score
Exploits0References2
OSV
OSV
added 2022/05/20 11:3 a.m.12 views

OESA-2022-1665 nodejs-minimist security update

This module is the guts of optimist's argument parser without all the fanciful decoration. Security Fixes: Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95.CVE-2021-44906...

9.8CVSS7.1AI score0.04581EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2022/03/18 12:1 a.m.509 views

Prototype Pollution in minimist

Minimist prior to 1.2.6 and 0.2.4 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...

9.8CVSS3.7AI score0.04581EPSS
Exploits1References15Affected Software1
OSV
OSV
added 2022/03/18 12:1 a.m.8 views

GHSA-XVCH-5GV4-984H Prototype Pollution in minimist

Minimist prior to 1.2.6 and 0.2.4 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...

9.8CVSS6.8AI score0.04581EPSS
Exploits1References15
CNVD
CNVD
added 2022/03/18 12:0 a.m.20 views

Minimist has an unspecified vulnerability

minimist is a command-line parameter parsing tool. minimist suffers from a security vulnerability that stems from vulnerability to prototype contamination via the file index.js, function setKey. No details of the vulnerability are currently available...

9.8CVSS4.5AI score0.04581EPSS
Exploits1References1
OSV
OSV
added 2022/03/17 4:15 p.m.2 views

DEBIAN-CVE-2021-44906

Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...

9.8CVSS6.8AI score0.04581EPSS
Exploits1References1
NVD
NVD
added 2022/03/17 4:15 p.m.22 views

CVE-2021-44906

Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...

9.8CVSS0.04581EPSS
Exploits1References6
OSV
OSV
added 2022/03/17 4:15 p.m.11 views

AZL-44583 CVE-2021-44906 affecting package js-jquery 3.5.0-4

Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...

9.8CVSS6.9AI score0.04581EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/03/17 4:15 p.m.389 views

CVE-2021-44906

Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...

9.8CVSS7AI score0.04581EPSS
Exploits1References7
OSV
OSV
added 2022/03/17 4:15 p.m.1 views

UBUNTU-CVE-2021-44906

Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...

9.8CVSS6.9AI score0.04581EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2022/03/17 1:5 p.m.51 views

CVE-2021-44906

Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...

9.8CVSS7.3AI score0.04581EPSS
Exploits1
CVE
CVE
added 2022/03/17 1:5 p.m.555 views

CVE-2021-44906

CVE-2021-44906 affects the minimist library, with versions listed as ≤ 1.2.5. The vulnerability is described as a Prototype Pollution issue via the file index.js, function setKey() (lines 69-95). The connected documents confirm this issue across multiple sources (e.g., Astra Linux advisory, CIRCL...

9.8CVSS9.3AI score0.04581EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2022/03/17 12:0 a.m.3 views

minimist 安全漏洞

minimist is a command-line parameter parsing tool. minimist suffers from a security vulnerability that stems from vulnerability to prototype contamination via the file index.js, function setKey. No details of the vulnerability are currently available...

9.8CVSS7.8AI score0.04581EPSS
Exploits1References33
Positive Technologies
Positive Technologies
added 2020/04/03 12:0 a.m.5 views

PT-2020-6963

Name of the Vulnerable Software and Affected Versions Minimist versions 0.2.4 and earlier, 1.2.5 and earlier Description The issue is related to a Prototype Pollution vulnerability via the file index.js, specifically the setKey function. This vulnerability can be exploited if an attacker has...

10CVSS6.9AI score0.04581EPSS
Exploits1References157
RedHat Linux
RedHat Linux
added 2017/08/08 6:50 p.m.9 views

kernel: crypto: GPF in lrw_crypt caused by null-deref

The lrwcrypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept2 system call for AFALG socket without calling setkey first to set a cipher key...

5.5CVSS7.1AI score0.00504EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/08/01 2:22 p.m.6 views

kernel: crypto: GPF in lrw_crypt caused by null-deref

The lrwcrypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept2 system call for AFALG socket without calling setkey first to set a cipher key...

5.5CVSS7.1AI score0.00504EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/08/01 2:13 p.m.9 views

kernel: crypto: GPF in lrw_crypt caused by null-deref

The lrwcrypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept2 system call for AFALG socket without calling setkey first to set a cipher key...

5.5CVSS7.1AI score0.00504EPSS
Exploits0References4
Rows per page
Query Builder