Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
node vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-32652
The adapter @hono/node-server allows you to run your Hono application on Node.js. before 1.10.1, the application hangs when receiving a Host header with a value that `@hono/node-server` can't handle well. Invalid values are those that cannot be parsed by the `URL` as a hostn...
NA
CVE-2024-29958
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less protected path to acquiri...
NA
CVE-2024-31463
Ironic-image is an OpenStack Ironic deployment packaged and configured by Metal3. When the reverse proxy mode is enabled by the `IRONIC_REVERSE_PROXY_SETUP` variable set to `true`, 1) HTTP basic credentials are validated on the HTTPD side in a separate container, not in the Ironi...
NA
CVE-2024-3054
WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR Deserialization in all versions up to, and including, 0.9.99 via deserialization of untrusted input at the wpvividstg_get_custom_exclude_path_free action. This is due to the plugin not providing sufficient ...
NA
CVE-2024-29439
An unauthorized node injection vulnerability has been identified in ROS2 Humble Hawksbill in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows remote malicious users to escalate privileges and inject malicious ROS2 nodes into the system. NOTE: this is disputed by multiple third part...
2 Github repositories
NA
CVE-2021-47202
In the Linux kernel, the following vulnerability has been resolved: thermal: Fix NULL pointer dereferences in of_thermal_ functions of_parse_thermal_zones() parses the thermal-zones node and registers a thermal_zone device for each subnode. However, if a thermal zone is consuming...
NA
CVE-2024-30723
An unauthorized node injection vulnerability has been identified in ROS Kinetic Kame in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows remote malicious users to escalate privileges and inject malicious ROS nodes into the system due to insecure permissions. NOTE: this is disputed ...
1 Github repository
NA
CVE-2024-30707
Unauthorized node injection vulnerability in ROS2 Dashing Diademata in ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows remote malicious users to escalate privileges and inject malicious ROS2 nodes into the system. NOTE: this is disputed by multiple third parties who believe there ...
1 Github repository
NA
CVE-2024-30690
An unauthorized node injection vulnerability has been identified in ROS2 Galactic Geochelone versions where ROS_VERSION is 2 and ROS_PYTHON_VERSION is 3, allows remote malicious users to escalate privileges. NOTE: this is disputed by multiple third parties who believe there was n...
1 Github repository
NA
CVE-2024-30675
Unauthorized node injection vulnerability in ROS2 Iron Irwini in ROS_VERSION 2 and ROS_PYTHON_VERSION 3. This vulnerability could allow a malicious user to escalate privileges by injecting malicious ROS2 nodes into the system remotely. NOTE: this is disputed by multiple third par...
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »