Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / nodejs

nodejs

219 tracked vulnerabilities.

CVE-2020-8172 HIGH

Node <12.18.0-14.4.0 - SSL/TLS Verification Bypass

CVE-2020-11080 LOW

nghttp2 < 1.41.0 - Denial of Service via Large HTTP/2 SETTINGS Frame Payload

CVE-2020-10531 HIGH

International Components for Unicode < 66.1 - Heap-Based Buffer Overflow via UnicodeString::doAppend() Integer Overflow

CVE-2019-15606 CRITICAL

Node.js 10.0.0-10.18.1, 13.0.0-13.7.0 - Authorization Bypass via HTTP Header Trailing Whitespace

CVE-2019-15605 CRITICAL

Node.js 10.0.0-10.18.9, 13.0.0-13.7.0 - HTTP Request Smuggling via Malformed Transfer-Encoding

CVE-2019-15604 HIGH

Node.js 10.0.0-10.18.9, 13.0.0-13.7.9 - Denial of Service via Crafted X.509 Certificate

CVE-2019-9518 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Empty Frame Flood

CVE-2019-9517 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Manipulation

CVE-2019-9516 MEDIUM

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Header Leak

CVE-2019-9515 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Settings Flood

CVE-2019-9514 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Reset Flood

CVE-2019-9513 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Priority Tree Manipulation

CVE-2019-9512 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Ping Flood

CVE-2019-9511 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Size Manipulation

CVE-2019-5739 HIGH

Node.js < 6.16.0 - Denial of Service via Keep-Alive Timeout

CVE-2019-5737 HIGH

Node.js 6.x < 6.17.0, 8.x < 8.15.1, 10.x < 10.15.2, 11.x < 11.10.1 - Denial of Service via Slow HTTP Headers

CVE-2019-1559 MEDIUM

OpenSSL 1.0.2-1.0.2q - Padding Oracle via SSL_shutdown Double Call

CVE-2018-21270 MEDIUM

Node.js stringstream < 0.0.6 - Out-of-bounds Read via Uninitialized Buffer Allocation

CVE-2018-12123 MEDIUM

Node.js <6.15.0, 8.14.0, 10.14.0, 11.3.0 - Info Disclosure

CVE-2018-12122 HIGH

Node.js <6.15.0, 8.14.0, 10.14.0, 11.3.0 - DoS

CVE-2018-12121 HIGH

Node.js <6.15.0,8.14.0,10.14.0,11.3.0 - DoS

CVE-2018-12120 HIGH

Node.js 6.0.0-6.14.9 - Remote Code Execution via Debugger Port

CVE-2018-12116 HIGH

Node.js < 6.8.1 and 6.9.0-6.15.0 - HTTP Request Splitting via Path Option

CVE-2018-5407 MEDIUM

Ubuntu Linux - Exposure of Sensitive Information via SMT Port Contention Timing Attack

CVE-2018-0734 MEDIUM

OpenSSL 1.0.2-1.0.2p 1.1.0-1.1.0i 1.1.1 - Timing Side Channel Attack via DSA Signature Algorithm

Previous Page 6 of 9 Next

Products

node.js 163 undici 22 Node 18 node 14 nodejs 4

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy