- EPSS 2.58%
- Veröffentlicht 19.10.2014 01:55:21
- Zuletzt bearbeitet 12.04.2025 10:46:40
The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.
CVE-2014-0224
- EPSS 92.95%
- Veröffentlicht 05.06.2014 21:55:07
- Zuletzt bearbeitet 12.04.2025 10:46:40
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL...
CVE-2013-6668
- EPSS 12.82%
- Veröffentlicht 05.03.2014 05:11:22
- Zuletzt bearbeitet 12.04.2025 10:46:40
Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2013-2882
- EPSS 1.93%
- Veröffentlicht 31.07.2013 13:20:13
- Zuletzt bearbeitet 11.04.2025 00:51:21
Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."