nodejs

239 tracked vulnerabilities.

CVE-2016-7052 HIGH
Novell Suse Linux Enterprise Module F... - NULL Pointer Dereference
Sep 26, 2016
CVSS 7.5
EPSS 0.30
CVE-2016-6306 MEDIUM
OpenSSL < 1.0.1u and 1.0.2 < 1.0.2i - Denial of Service via Certificate Parser Out-of-bounds Read
Sep 26, 2016
CVSS 5.9
EPSS 0.42
CVE-2016-6304 HIGH
OpenSSL <1.0.1u, <1.0.2i, <1.1.0a - DoS
Sep 26, 2016
CVSS 7.5
EPSS 0.63
CVE-2016-5172 MEDIUM
Google Chrome < 53.0.2785.113 - Exposure of Sensitive Information via V8 Parser Scope Mishandling
Sep 25, 2016
CVSS 6.5
EPSS 0.02
CVE-2016-6303 CRITICAL
Node.js < 0.12.16 - Out-of-bounds Write in MDC2_Update
Sep 16, 2016
CVSS 9.8
EPSS 0.32
CVE-2016-2183 HIGH
Redhat Jboss Enterprise Application Platform - Information Disclosure
Sep 01, 2016
CVSS 7.5
EPSS 0.96
CVE-2016-3956 HIGH
npm <2.15.1,3.x <3.8.3 - Info Disclosure
Jul 02, 2016
CVSS 7.5
EPSS 0.07
CVE-2016-2178 MEDIUM
OpenSSL - Timing Side-Channel Attack in DSA Signing
Jun 20, 2016
CVSS 5.5
EPSS 0.01
CVE-2016-1669 HIGH
Google V8 <5.0.71.47 - Buffer Overflow
May 14, 2016
CVSS 8.8
EPSS 0.04
CVE-2016-2107 MEDIUM
Redhat Enterprise Linux Desktop < 1.0.1s - Information Disclosure
May 05, 2016
CVSS 5.9
EPSS 0.89
CVE-2016-2105 HIGH
Redhat Enterprise Linux Desktop < 5.6.30 - Integer Overflow
May 05, 2016
CVSS 7.5
EPSS 0.40
CVE-2016-2216 HIGH
Node.js HTTP Response Splitting via UTF-8 Encoded Unicode Characters
Apr 07, 2016
CVSS 7.5
EPSS 0.07
CVE-2016-2086 HIGH
Node.js 0.10.x < 0.10.42, 0.12.x < 0.12.10, 4.x < 4.3.0, 5.x < 5.6.0 - HTTP Request Smuggling via Content-Length Header
Apr 07, 2016
CVSS 7.5
EPSS 0.06
CVE-2016-0797 HIGH
OpenSSL 1.0.1-1.0.1s and 1.0.2-1.0.2g - Denial of Service via BN_dec2bn and BN_hex2bn Integer Overflow
Mar 03, 2016
CVSS 7.5
EPSS 0.27
CVE-2016-0702 MEDIUM
OpenSSL <1.0.1s-1.0.2g - Info Disclosure
Mar 03, 2016
CVSS 5.1
EPSS 0.02
CVE-2015-7384 HIGH
Node.js 4.0.0-4.1.1 - Denial of Service via Uncontrolled Resource Consumption
Oct 10, 2017
CVSS 7.5
EPSS 0.08
CVE-2015-2927 MEDIUM
node.js 0.3.2 and URONode < 1.0.5 - Denial of Service
Sep 20, 2017
CVSS 6.5
EPSS 0.05
CVE-2015-8860 HIGH
Nodejs Node.js < 1.8.4 - Symlink Following
Jan 23, 2017
CVSS 7.5
EPSS 0.05
CVE-2015-8855 HIGH
Nodejs Node.js < 4.3.1 - Resource Management Error
Jan 23, 2017
CVSS 7.5
EPSS 0.06
CVE-2015-8027 HIGH
Node.js <0.12.9, <4.2.3, <5.1.1 - DoS
Jan 02, 2016
CVSS 7.5
EPSS 0.05
CVE-2015-3194 HIGH
OpenSSL 1.0.1-1.0.1q and 1.0.2-1.0.2e - Denial of Service via RSA PSS ASN.1 Signature
Dec 06, 2015
CVSS 7.5
EPSS 0.44
CVE-2015-3193 HIGH
OpenSSL 1.0.2 - Exposure of Sensitive Private-Key Information via Montgomery Squaring Implementation
Dec 06, 2015
CVSS 7.5
EPSS 0.25
CVE-2015-6764 CRITICAL
Google Chrome < 46.0.2490.86 - Denial of Service via JSON Stringifier Array Handling
Dec 06, 2015
CVSS 9.8
EPSS 0.05
CVE-2015-5380
Google V8 <0.12.6, io.js <1.8.3, 2.x <2.3.3 - Memory Corruption
Jul 09, 2015
EPSS 0.03
CVE-2015-0278
libuv <0.10.34 - Privilege Escalation
May 18, 2015
EPSS 0.03