EUVD-2017-0217

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2015-1370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete blacklist vulnerability in marked 0.3.2 and earlier for Node.js allows remote attackers to conduct cross-site scripting XSS attacks via a vbscript ta...

Joyent Node.js marked incomplete blacklist vulnerability

Joyent Node.js is the United States Joyent company's set of web applications built on Google V8 JavaScript engine on top of the platform. marked is one of the Markdown a lightweight markup language parser and compiler . An incomplete blacklist vulnerability exists in Joyent Node.js marked. A remo...

UBUNTU-CVE-2015-1370

Incomplete blacklist vulnerability in marked 0.3.2 and earlier for Node.js allows remote attackers to conduct cross-site scripting XSS attacks via a vbscript tag in a link...

CVE-2015-1370

CVE-2015-1370 affects the marked library (versions 0.3.2 and earlier) used with Node.js. The root cause is an incomplete blacklist that allows cross-site scripting via a vbscript tag in a link, enabling remote XSS. Public references (GHSA, OSV, NVD, CNVD) corroborate the issue and advise upgradin...

CVE-2015-1370

Incomplete blacklist vulnerability in marked 0.3.2 and earlier for Node.js allows remote attackers to conduct cross-site scripting XSS attacks via a vbscript tag in a link...