News aggregator

CVE-2014-10064

National Vulnerability Database - Thu, 05/31/2018 - 16:29
The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of time. An attacker could leverage this to cause a temporary denial-of-service condition, for example, in a web application, other requests would not be processed while this blocking is occurring.
Categories: Security News

CVE-2014-10065

National Vulnerability Database - Thu, 05/31/2018 - 16:29
Certain input when passed into remarkable before 1.4.1 will bypass the bad prototcol check that disallows the javascript: scheme allowing for javascript: url's to be injected into the rendered content.
Categories: Security News

CVE-2014-10066

National Vulnerability Database - Thu, 05/31/2018 - 16:29
Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory.
Categories: Security News

CVE-2015-9236

National Vulnerability Database - Thu, 05/31/2018 - 16:29
Hapi versions less than 11.0.0 implement CORS incorrectly and allowed for configurations that at best returned inconsistent headers and at worst allowed cross-origin activities that were expected to be forbidden. If the connection has CORS enabled but one route has it off, and the route is not GET, the OPTIONS prefetch request will return the default CORS headers and then the actual request will go through and return no CORS headers. This defeats the purpose of turning CORS on the route.
Categories: Security News

CVE-2015-9238

National Vulnerability Database - Thu, 05/31/2018 - 16:29
secure-compare 3.0.0 and below do not actually compare two strings properly. compare was actually comparing the first argument with itself, meaning the check passed for any two strings of the same length.
Categories: Security News

CVE-2015-9239

National Vulnerability Database - Thu, 05/31/2018 - 16:29
ansi2html is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in.
Categories: Security News

CVE-2016-10518

National Vulnerability Database - Thu, 05/31/2018 - 16:29
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but internally ws always transforms all data that we need to send to a Buffer instance and that is where the vulnerability existed. ws didn't do any checks for the type of data it was sending. With buffers in node when you allocate it when a number instead of a string it will allocate the amount of bytes.
Categories: Security News

CVE-2016-10519

National Vulnerability Database - Thu, 05/31/2018 - 16:29
A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory.
Categories: Security News

CVE-2016-10520

National Vulnerability Database - Thu, 05/31/2018 - 16:29
jadedown is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in.
Categories: Security News

CVE-2016-10521

National Vulnerability Database - Thu, 05/31/2018 - 16:29
jshamcrest is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in to the emailAddress validator.
Categories: Security News

CVE-2016-10523

National Vulnerability Database - Thu, 05/31/2018 - 16:29
MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth.
Categories: Security News

CVE-2016-10524

National Vulnerability Database - Thu, 05/31/2018 - 16:29
i18n-node-angular is a module used to interact between i18n and angular without using additional resources. A REST API endpoint that is used for development in i18n-node-angular before 1.4.0 was not disabled in production environments a malicious user could fill up the server causing a Denial of Service or content injection.
Categories: Security News

CVE-2016-10526

National Vulnerability Database - Thu, 05/31/2018 - 16:29
A common setup to deploy to gh-pages on every commit via a CI system is to expose a github token to ENV and to use it directly in the auth part of the url. In module versions < 0.9.1 the auth portion of the url is outputted as part of the grunt tasks logging function. If this output is publicly available then the credentials should be considered compromised.
Categories: Security News

CVE-2016-10527

National Vulnerability Database - Thu, 05/31/2018 - 16:29
The riot-compiler version version 2.3.21 has an issue in a regex (Catastrophic Backtracking) thats make it unusable under certain conditions.
Categories: Security News

CVE-2016-10528

National Vulnerability Database - Thu, 05/31/2018 - 16:29
restafary is a REpresentful State Transfer API for Creating, Reading, Using, Deleting files on a server from the web. Restafary before 1.6.1 is able to set up a root path, which should only allow it to run inside of that root path it specified.
Categories: Security News

CVE-2016-10529

National Vulnerability Database - Thu, 05/31/2018 - 16:29
Droppy versions <3.5.0 does not perform any verification for cross-domain websocket requests. An attacker is able to make a specially crafted page that can send requests as the context of the currently logged in user. For example this means the malicious user could add a new admin account under his control and delete others.
Categories: Security News

CVE-2016-10530

National Vulnerability Database - Thu, 05/31/2018 - 16:29
The airbrake module 0.3.8 and earlier defaults to sending environment variables over HTTP. Environment variables can often times contain secret keys and other sensitive values. A malicious user could be on the same network as a regular user and intercept all the secret keys the user is sending. This goes against common best practice, which is to use HTTPS.
Categories: Security News

CVE-2018-11627

National Vulnerability Database - Thu, 05/31/2018 - 15:29
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
Categories: Security News

CVE-2018-11132

National Vulnerability Database - Thu, 05/31/2018 - 14:29
In order to perform actions that require higher privileges, the Quest KACE System Management Appliance 8.0.318 relies on a message queue that runs daemonized with root privileges and only allows a set of commands to be executed. A command injection vulnerability exists within this message queue which allows low-privilege users to append arbitrary commands that will be run as root.
Categories: Security News

CVE-2018-11133

National Vulnerability Database - Thu, 05/31/2018 - 14:29
The 'fmt' parameter of the '/common/run_cross_report.php' script in the the Quest KACE System Management Appliance 8.0.318 is vulnerable to cross-site scripting.
Categories: Security News

Pages