Lucene search
K

8 matches found

EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-176332

Malicious code in slow-data-moon-object-serialize npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in slow-data-moon-object-serialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1c49854e181d4118e50a6f9910fd6b567e67cd382a7ff14982b0a228063d3a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/13 6:16 a.m.64 views

Security Bulletin: Moment.js issue of validating, manipulating, and formatting dates

Summary Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm server users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale...

7.5CVSS7.6AI score0.05664EPSS
Exploits1Affected Software1
SUSE CVE
SUSE CVE
added 2024/07/06 2:58 a.m.3 views

SUSE CVE-2024-39920

The TCP protocol in RFC 9293 has a timing side channel that makes it easier for remote attackers to infer the content of one TCP connection from a client system to any server, when that client system is concurrently obtaining TCP data at a slow rate from an attacker-controlled server, aka the...

4.3CVSS6.8AI score0.00572EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/03 12:0 a.m.5 views

PT-2024-28734 · Tcp · Tcp

Name of the Vulnerable Software and Affected Versions: TCP protocol affected versions not specified Description: The issue is related to a timing side channel in the TCP protocol, making it easier for remote attackers to infer the content of one TCP connection from a client system to any server...

4.3CVSS6.9AI score0.00572EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 4:38 a.m.2 views

SUSE CVE-2017-15268

Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c...

5CVSS6.9AI score0.04272EPSS
Exploits1References7
NVD
NVD
added 2017/10/12 3:29 p.m.18 views

CVE-2017-15268

Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c...

7.5CVSS8.2AI score0.04272EPSS
Exploits1References7
Prion
Prion
added 2017/10/12 3:29 p.m.21 views

Memory corruption

Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c...

5CVSS7.2AI score0.04272EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder