[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 194669 Download | Alert*

libuv1: asynchronous event notification library - runtime library libuv could be made to crash or execute arbitrary code if it received a specially crafted path.

The host is installed with Node.js 14.0.0 before 14.9.0 and is buffer overflow vulnerability. A flaw is present in the application which fails to handle realpath in libuv. Successful exploitation allows an attacker to cause buffer overflow if the resolved path is longer than 256 bytes.

This update for nodejs10 fixes the following issues: - nodejs10 was updated to 10.22.1 LTS: - CVE-2020-8252: Fixed a buffer overflow in realpath . - CVE-2020-15095: Fixed an information leak through log files . - Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation on Aarch64 with gcc10

The host is installed with Node.js 14.0.0 before 14.11.0 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to handle delayed requests submission. Successful exploitation allows attackers to cause denial of service.

Node.js CVE-2020-8201 (CVE-2020-8251

Oracle Solaris 11 - ( CVE-2020-8277 )

The host is installed with Node.js 14.0.0 before 14.11.0 and is prone to a HTTP request smuggling vulnerability. A flaw is present in the application which fails to handle malicious payloads. Successful exploitation allows an attacker to hijack user sessions, poison cookies, perform clickjacking and a multitude of other attacks depending on the architecture of the underlying system.

The host is installed with Node.js 14.0.0 before 14.4.0 and is prone to a buffer overflow vulnerability. A flaw is present in the application which fails to handle napi_get_value_string_*(). Successful exploitation allows various kinds of memory corruption.

nodejs: An open-source, cross-platform JavaScript runtime environment. Several security issues were fixed in Node.js.

The host is installed with Node.js 14.0.0 before 14.4.0 and is prone to an improper certificate validation vulnerability. A flaw is present in the application which fails to handle reused TLS session. Successful exploitation allows an attacker to perform host certificate verification bypass.


Pages:      Start    7857    7858    7859    7860    7861    7862    7863    7864    7865    7866    7867    7868    7869    7870    ..   19466

© SecPod Technologies