Product:

Linux_enterprise

(Suse)
Repositories https://github.com/nodejs/node
#Vulnerabilities 93
Date Id Summary Products Score Patch Annotated
2018-07-23 CVE-2018-14523 An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes. Aubio, Leap, Linux_enterprise 8.8
2018-07-23 CVE-2018-14522 An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes. Aubio, Leap, Linux_enterprise 8.8
2016-10-10 CVE-2016-7099 The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. Node\.js, Linux_enterprise 5.9
2016-10-10 CVE-2016-5325 CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the reason argument. Node\.js, Linux_enterprise 6.1
2016-04-30 CVE-2016-2807 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Firefox, Firefox_esr, Leap, Opensuse, Linux_enterprise 8.8
2016-04-30 CVE-2016-2806 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Debian_linux, Firefox, Leap, Opensuse, Linux_enterprise 8.8