exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 1 014

CVE-2014-9772

больше 8 лет назад

The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters.

CVSS3: 6.1

EPSS: Низкий

CVE-2014-9772

больше 8 лет назад

The validator package before 2.0.0 for Node.js allows remote attackers ...

CVSS3: 6.1

EPSS: Низкий

CVE-2014-7192

больше 10 лет назад

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file.

CVSS2: 10

EPSS: Средний

CVE-2014-7192

больше 10 лет назад

CVSS2: 10

EPSS: Средний

CVE-2014-7192

больше 10 лет назад

Eval injection vulnerability in index.js in the syntax-error package b ...

CVSS2: 10

EPSS: Средний

CVE-2014-7191

почти 11 лет назад

The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.

CVSS2: 5

EPSS: Низкий

CVE-2014-7191

около 11 лет назад

CVSS2: 4.3

EPSS: Низкий

CVE-2014-7191

почти 11 лет назад

CVSS2: 5

EPSS: Низкий

CVE-2014-7191

почти 11 лет назад

The qs module before 1.0.0 in Node.js does not call the compact functi ...

CVSS2: 5

EPSS: Низкий

CVE-2014-3744

почти 8 лет назад

Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path.

CVSS3: 7.5

EPSS: Средний

CVE-2014-3744

почти 8 лет назад

Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path.

CVSS3: 7.5

EPSS: Средний

CVE-2013-7454

больше 8 лет назад

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.

CVSS3: 6.1

EPSS: Низкий

CVE-2013-7454

больше 8 лет назад

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.

CVSS3: 6.1

EPSS: Низкий

CVE-2013-7454

больше 8 лет назад

The validator module before 1.1.0 for Node.js allows remote attackers ...

CVSS3: 6.1

EPSS: Низкий

CVE-2013-7453

больше 8 лет назад

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing.

CVSS3: 6.1

EPSS: Низкий

CVE-2013-7453

больше 8 лет назад

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing.

CVSS3: 6.1

EPSS: Низкий

CVE-2013-7453

больше 8 лет назад

The validator module before 1.1.0 for Node.js allows remote attackers ...

CVSS3: 6.1

EPSS: Низкий

CVE-2013-7452

больше 8 лет назад

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI.

CVSS3: 6.1

EPSS: Низкий

CVE-2013-7452

больше 8 лет назад

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI.

CVSS3: 6.1

EPSS: Низкий

CVE-2013-7452

больше 8 лет назад

The validator module before 1.1.0 for Node.js allows remote attackers ...

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2014-9772 The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters.	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2014-9772 The validator package before 2.0.0 for Node.js allows remote attackers ...	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2014-7192 Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file.	CVSS2: 10	44% Средний	больше 10 лет назад
CVE-2014-7192 Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file.	CVSS2: 10	44% Средний	больше 10 лет назад
CVE-2014-7192 Eval injection vulnerability in index.js in the syntax-error package b ...	CVSS2: 10	44% Средний	больше 10 лет назад
CVE-2014-7191 The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.	CVSS2: 5	1% Низкий	почти 11 лет назад
CVE-2014-7191 The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.	CVSS2: 4.3	1% Низкий	около 11 лет назад
CVE-2014-7191 The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.	CVSS2: 5	1% Низкий	почти 11 лет назад
CVE-2014-7191 The qs module before 1.0.0 in Node.js does not call the compact functi ...	CVSS2: 5	1% Низкий	почти 11 лет назад
CVE-2014-3744 Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path.	CVSS3: 7.5	55% Средний	почти 8 лет назад
CVE-2014-3744 Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path.	CVSS3: 7.5	55% Средний	почти 8 лет назад
CVE-2013-7454 The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2013-7454 The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2013-7454 The validator module before 1.1.0 for Node.js allows remote attackers ...	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2013-7453 The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing.	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2013-7453 The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing.	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2013-7453 The validator module before 1.1.0 for Node.js allows remote attackers ...	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2013-7452 The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI.	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2013-7452 The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI.	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2013-7452 The validator module before 1.1.0 for Node.js allows remote attackers ...	CVSS3: 6.1	1% Низкий	больше 8 лет назад

Уязвимостей на страницу