The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Nodejs Core

Nghttp2: NULL pointer dereference via ALTSVC Frame
An attacker can force a NULL pointer to be dereferenced via ALTSVC Frame of Nghttp2, in order to trigger a denial of service...
bulletinoct2018, CVE-2018-1000168, FEDORA-2018-cec96a9c41, ibm10715995, ibm10728705, openSUSE-SU-2018:1963-1, SUSE-SU-2018:1918-1, VIGILANCE-VUL-25942
OpenSSL: information disclosure via RSA Constant Time Key Generation
An attacker can bypass access restrictions to data via RSA Constant Time Key Generation of OpenSSL, in order to obtain sensitive information...
bulletinjul2018, CERTFR-2018-AVI-511, CERTFR-2018-AVI-607, cpuapr2019, cpuapr2020, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-0737, DLA-1449-1, DSA-2020-030, DSA-4348-1, DSA-4355-1, FEDORA-2019-00c25b9379, ibm10729805, ibm10743283, ibm10880781, JSA10919, JSA10990, openSUSE-SU-2018:2695-1, openSUSE-SU-2018:2957-1, openSUSE-SU-2018:3015-1, openSUSE-SU-2019:0152-1, openSUSE-SU-2019:1432-1, PAN-SA-2018-0015, RHSA-2018:3221-01, SA44073-2019-03, SSA:2018-226-01, SUSE-SU-2018:2486-1, SUSE-SU-2018:2492-1, SUSE-SU-2018:2683-1, SUSE-SU-2018:2928-1, SUSE-SU-2018:2965-1, SUSE-SU-2018:3864-1, SUSE-SU-2018:3864-2, SUSE-SU-2019:0197-1, SUSE-SU-2019:0512-1, SUSE-SU-2019:1553-1, TNS-2018-14, TNS-2018-17, TSB17568, USN-3628-1, USN-3628-2, USN-3692-1, USN-3692-2, VIGILANCE-VUL-25884
Node Core: code execution via Inspector DNS Rebinding
An attacker can use a vulnerability via Inspector DNS Rebinding of Node Core, in order to run code...
CERTFR-2019-AVI-593, CVE-2018-7160, FEDORA-2018-e672eaf4df, FEDORA-2018-ecf73042e3, ibm10715995, K63025104, openSUSE-SU-2018:1209-1, VIGILANCE-VUL-25723
Node Core: vulnerability via HTTP Content-Length Spaces
A vulnerability via HTTP Content-Length Spaces of Node Core was announced...
CVE-2018-7159, FEDORA-2018-e672eaf4df, FEDORA-2018-ecf73042e3, ibm10715995, K27228191, openSUSE-SU-2018:0967-1, openSUSE-SU-2018:1209-1, RHSA-2019:2258-01, VIGILANCE-VUL-25722
Node Core: denial of service via Path Regular Expression
An attacker can generate a fatal error via Path Regular Expression of Node Core, in order to trigger a denial of service...
CVE-2018-7158, FEDORA-2018-e672eaf4df, FEDORA-2018-ecf73042e3, ibm10715995, openSUSE-SU-2018:0967-1, openSUSE-SU-2018:1209-1, VIGILANCE-VUL-25721
Node Core: buffer overflow via fs.readdirSync
An attacker can generate a buffer overflow via fs.readdirSync() of Node Core, in order to trigger a denial of service, and possibly to run code...
VIGILANCE-VUL-25365
Node Core: information disclosure via Fill Value Encoding
A local attacker can read a memory fragment via Fill Value Encoding of Node Core, in order to obtain sensitive information...
CVE-2017-15897, FEDORA-2017-e6be32cb7a, VIGILANCE-VUL-24728
Node Core: information disclosure via SSL_read
An attacker can bypass access restrictions to data via SSL_read() of Node Core, in order to obtain sensitive information...
CVE-2017-15896, FEDORA-2017-e6be32cb7a, JSA10873, openSUSE-SU-2018:0029-1, openSUSE-SU-2018:0315-1, VIGILANCE-VUL-24727
OpenSSL: information disclosure via rsaz_1024_mul_avx2
An attacker can bypass access restrictions to data via rsaz_1024_mul_avx2() of OpenSSL, in order to obtain sensitive information...
2014324, bulletinapr2018, bulletinjan2018, CERTFR-2017-AVI-452, CERTFR-2018-AVI-155, cpuapr2018, cpuapr2019, cpujan2018, cpujan2019, cpujul2018, cpujul2019, cpuoct2018, CVE-2017-3738, DSA-2020-062, DSA-4065-1, DSA-4157-1, FEDORA-2017-e6be32cb7a, FreeBSD-SA-17:12.openssl, ibm10716907, ibm10717405, ibm10717409, ibm10719113, JSA10851, openSUSE-SU-2017:3345-1, openSUSE-SU-2018:0029-1, openSUSE-SU-2018:0315-1, RHSA-2018:0998-01, SA159, SSA:2017-342-01, SUSE-SU-2019:14246-1, swg21647054, USN-3512-1, VIGILANCE-VUL-24698
OpenSSL: out-of-bounds memory reading via X.509 IPAddressFamily
An attacker can force a read at an invalid address via X.509 IPAddressFamily of OpenSSL, in order to trigger a denial of service, or to obtain sensitive information...
2011879, 2013026, 2014367, bulletinapr2018, CERTFR-2017-AVI-391, cpuapr2018, cpuapr2019, cpujan2018, cpujan2019, cpujul2018, cpujul2019, cpuoct2018, CVE-2017-3735, DSA-4017-1, DSA-4018-1, FEDORA-2017-4cf72e2c11, FEDORA-2017-512a6c5aae, FEDORA-2017-55a3247cfd, FEDORA-2017-7f30914972, FEDORA-2017-dbec196dd8, FreeBSD-SA-17:11.openssl, HT208331, HT208394, ibm10715641, ibm10738249, JSA10851, JSA10990, openSUSE-SU-2017:3192-1, openSUSE-SU-2018:0029-1, openSUSE-SU-2018:0315-1, RHSA-2018:3221-01, SA157, SB10211, SUSE-SU-2017:2968-1, SUSE-SU-2017:2981-1, SUSE-SU-2018:0112-1, SUSE-SU-2019:14246-1, TNS-2017-15, USN-3475-1, VIGILANCE-VUL-24317
Our database contains other pages. You can request a free trial to read them.

Display information about Nodejs Core: