CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3566 – Command injection vulnerability in programing languages on Microsoft Windows operating system.
https://notcve.org/view.php?id=CVE-2024-3566
10 Apr 2024 — A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied. • https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-32050 – Some MongoDB Drivers may publish events containing authentication-related data to a command listener configured by an application
https://notcve.org/view.php?id=CVE-2021-32050
29 Aug 2023 — Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an application may inadvertently expose this sensitive information, e.g., by writing it to a log file. This issue only arises if an application enables the command listener feature (this is not enabled by default). This issue affects ... • https://jira.mongodb.org/browse/CDRIVER-3797 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.4EPSS: 0%CPEs: 17EXPL: 1CVE-2021-44533 – nodejs: Incorrect handling of certificate subject and issuer fields
https://notcve.org/view.php?id=CVE-2021-44533
24 Feb 2022 — Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulner... • https://hackerone.com/reports/1429694 • CWE-295: Improper Certificate Validation •
CVSS: 7.4EPSS: 0%CPEs: 16EXPL: 1CVE-2021-44532 – nodejs: Certificate Verification Bypass via String Injection
https://notcve.org/view.php?id=CVE-2021-44532
24 Feb 2022 — Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints.Versions of Node.js with the fix for this escape SANs containing the problematic characters in order to prevent the injection. This beha... • https://hackerone.com/reports/1429694 • CWE-295: Improper Certificate Validation CWE-296: Improper Following of a Certificate's Chain of Trust •
CVSS: 7.4EPSS: 0%CPEs: 15EXPL: 0CVE-2021-44531 – nodejs: Improper handling of URI Subject Alternative Names
https://notcve.org/view.php?id=CVE-2021-44531
24 Feb 2022 — Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js did not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This ... • https://hackerone.com/reports/1429694 • CWE-295: Improper Certificate Validation •
CVSS: 9.3EPSS: 1%CPEs: 21EXPL: 1CVE-2020-8174 – nodejs: memory corruption in napi_get_value_string_* functions
https://notcve.org/view.php?id=CVE-2020-8174
28 Jun 2020 — napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0. La función napi_get_value_string_*(), permite varios tipos de corrupción de memoria en node versiones anteriores a 10.21.0, 12.18.0 y versiones anteriores a 14.4.0 A flaw was found in nodejs. Calling napi_get_value_string_latin1(), napi_get_value_string_utf8(), or napi_get_value_string_utf16() with a non-NULL buf, and a bufsize of 0 will cause the entire string value to be written to buf, probably o... • https://hackerone.com/reports/784186 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5739 – Gentoo Linux Security Advisory 202003-48
https://notcve.org/view.php?id=CVE-2019-5739
28 Mar 2019 — Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated server.keepAliveTimeout which defaults to 5 seconds. The behavior in Node.js 6.16.0 and earlier is a potential Denial of Service (DoS) attack vector. Node.js 6.17.0 introduces server.keepAliveTimeout and the 5-second default. Las conexiones HTTP y HTTPS "keep-alive" pueden permanecer abiertas y inactivas durante hasta 2 minutos en Node.js en versiones 6.1... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.8EPSS: 0%CPEs: 41EXPL: 3CVE-2018-5407 – Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel
https://notcve.org/view.php?id=CVE-2018-5407
02 Nov 2018 — Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. SMT (Simultaneous Multi-threading) en los procesadores puede habilitar que usuarios locales exploten software vulnerable a ataques de sincronización mediante un ataques de sincronización de canal lateral en la "contención de puertos". A microprocessor side-channel vulnerability was found on SMT (e.g, Hyper-Threading) architectures. An... • https://packetstorm.news/files/id/150138 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 0CVE-2018-12115 – nodejs: Out of bounds (OOB) write via UCS-2 encoding
https://notcve.org/view.php?id=CVE-2018-12115
21 Aug 2018 — In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input bytes to be written. En todas las versiones de Node.js anteriores a la 6.14.4, 8.11.4 y 10.9.0, cuando se utiliza con codifi... • http://www.securityfocus.com/bid/105127 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2018-7159 – nodejs: HTTP parser allowed for spaces inside Content-Length header values
https://notcve.org/view.php?id=CVE-2018-7159
17 May 2018 — The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of th... • https://access.redhat.com/errata/RHSA-2019:2258 • CWE-20: Improper Input Validation CWE-115: Misinterpretation of Input •