exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 1 014

CVE-2016-2086

больше 9 лет назад

Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.

CVSS2: 4.3

EPSS: Низкий

CVE-2016-2086

больше 9 лет назад

Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.

CVSS3: 7.5

EPSS: Низкий

CVE-2016-2086

больше 9 лет назад

Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0 ...

CVSS3: 7.5

EPSS: Низкий

CVE-2015-8860

больше 8 лет назад

The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive.

CVSS3: 7.5

EPSS: Низкий

CVE-2015-8860

больше 10 лет назад

The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive.

CVSS2: 4.3

EPSS: Низкий

CVE-2015-8860

больше 8 лет назад

The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive.

CVSS3: 7.5

EPSS: Низкий

CVE-2015-8860

больше 8 лет назад

The tar package before 2.0.0 for Node.js allows remote attackers to wr ...

CVSS3: 7.5

EPSS: Низкий

CVE-2015-8855

больше 8 лет назад

The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."

CVSS3: 7.5

EPSS: Низкий

CVE-2015-8855

больше 10 лет назад

The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."

CVSS2: 4.3

EPSS: Низкий

CVE-2015-8855

больше 8 лет назад

The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."

CVSS3: 7.5

EPSS: Низкий

CVE-2015-8855

больше 8 лет назад

The semver package before 4.3.2 for Node.js allows attackers to cause ...

CVSS3: 7.5

EPSS: Низкий

CVE-2015-8027

больше 9 лет назад

Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.

CVSS3: 7.5

EPSS: Низкий

CVE-2015-8027

больше 9 лет назад

CVSS2: 5

EPSS: Низкий

CVE-2015-8027

больше 9 лет назад

CVSS3: 7.5

EPSS: Низкий

CVE-2015-8027

больше 9 лет назад

Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 d ...

CVSS3: 7.5

EPSS: Низкий

CVE-2015-7384

почти 8 лет назад

Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.

CVSS3: 7.5

EPSS: Низкий

CVE-2015-7384

почти 10 лет назад

Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.

CVSS2: 2.6

EPSS: Низкий

CVE-2015-7384

почти 8 лет назад

Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.

CVSS3: 7.5

EPSS: Низкий

CVE-2015-7384

почти 8 лет назад

Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a den ...

CVSS3: 7.5

EPSS: Низкий

CVE-2014-9772

больше 8 лет назад

The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters.

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2016-2086 Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.	CVSS2: 4.3	0% Низкий	больше 9 лет назад
CVE-2016-2086 Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.	CVSS3: 7.5	0% Низкий	больше 9 лет назад
CVE-2016-2086 Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0 ...	CVSS3: 7.5	0% Низкий	больше 9 лет назад
CVE-2015-8860 The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive.	CVSS3: 7.5	0% Низкий	больше 8 лет назад
CVE-2015-8860 The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive.	CVSS2: 4.3	0% Низкий	больше 10 лет назад
CVE-2015-8860 The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive.	CVSS3: 7.5	0% Низкий	больше 8 лет назад
CVE-2015-8860 The tar package before 2.0.0 for Node.js allows remote attackers to wr ...	CVSS3: 7.5	0% Низкий	больше 8 лет назад
CVE-2015-8855 The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."	CVSS3: 7.5	1% Низкий	больше 8 лет назад
CVE-2015-8855 The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."	CVSS2: 4.3	1% Низкий	больше 10 лет назад
CVE-2015-8855 The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."	CVSS3: 7.5	1% Низкий	больше 8 лет назад
CVE-2015-8855 The semver package before 4.3.2 for Node.js allows attackers to cause ...	CVSS3: 7.5	1% Низкий	больше 8 лет назад
CVE-2015-8027 Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.	CVSS3: 7.5	2% Низкий	больше 9 лет назад
CVE-2015-8027 Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.	CVSS2: 5	2% Низкий	больше 9 лет назад
CVE-2015-8027 Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.	CVSS3: 7.5	2% Низкий	больше 9 лет назад
CVE-2015-8027 Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 d ...	CVSS3: 7.5	2% Низкий	больше 9 лет назад
CVE-2015-7384 Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.	CVSS3: 7.5	1% Низкий	почти 8 лет назад
CVE-2015-7384 Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.	CVSS2: 2.6	1% Низкий	почти 10 лет назад
CVE-2015-7384 Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.	CVSS3: 7.5	1% Низкий	почти 8 лет назад
CVE-2015-7384 Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a den ...	CVSS3: 7.5	1% Низкий	почти 8 лет назад
CVE-2014-9772 The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters.	CVSS3: 6.1	1% Низкий	больше 8 лет назад

Уязвимостей на страницу