| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-29469 | Potential exponential regex in monitor mode | NodeRedis | node-redis | Medium | 5.3 | 2021-04-23 18:10:15 | Deep Dive |
| CVE-2021-29446 | Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime | panva | jose-node-cjs-runtime | Medium | 5.9 | 2021-04-16 22:00:15 | Deep Dive |
| CVE-2021-29445 | Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtime | panva | jose-node-esm-runtime | Medium | 5.9 | 2021-04-16 21:50:13 | Deep Dive |
| CVE-2021-23371 | Regular Expression Denial of Service (ReDoS) | - | chrono-node | High | 7.5 | 2021-04-12 13:10:16 | Deep Dive |
| CVE-2021-21421 | ApiKey secret could be revelated on network issue | creharmony | node-etsy-client | High | 8.1 | 2021-04-01 22:10:13 | Deep Dive |
| CVE-2021-26987 | Vmware VMware vCenter Server 安全漏洞 | - | Element Plug-in for vCenter Server | 超危 | - | 2021-03-15 21:28:13 | Deep Dive |
| CVE-2021-22883 | nodejs 资源管理错误漏洞 | NodeJS | Node | 高危 | - | 2021-03-03 17:38:32 | Deep Dive |
| CVE-2021-22884 | Nodejs 安全漏洞 | NodeJS | Node | 高危 | - | 2021-03-03 17:37:46 | Deep Dive |
| CVE-2021-21298 | Path traversal in Node-Red | node-red | node-red | Low | 3.5 | 2021-02-26 16:25:14 | Deep Dive |
| CVE-2021-21297 | Prototype Pollution in Node-Red | node-red | node-red | High | 7.7 | 2021-02-26 16:20:17 | Deep Dive |
| CVE-2021-20327 | MongoDB Node.js client side field level encryption library may not be validating KMS certificate | MongoDB Inc. | MongoDB Node.js Driver mongodb-client-encryption module | Medium | 6.4 | 2021-02-25 16:25:11 | Deep Dive |
| CVE-2020-7785 | Command Injection | - | node-ps | Critical | 9.8 | 2021-02-08 18:25:24 | Deep Dive |
| CVE-2020-8265 | nodejs 资源管理错误漏洞 | NodeJS | Node | 高危 | - | 2021-01-06 21:01:15 | Deep Dive |
| CVE-2020-8287 | nodejs 环境问题漏洞 | NodeJS | Node | 中危 | - | 2021-01-06 00:00:00 | Deep Dive |
| CVE-2020-11093 | Authorization bypass in Hyperledger Indy | hyperledger | indy-node | High | 7.5 | 2020-12-24 20:05:15 | Deep Dive |
| CVE-2020-7789 | Command Injection | - | node-notifier | Medium | 5.6 | 2020-12-11 09:55:14 | Deep Dive |
| CVE-2020-8277 | Oracle GraalVM 资源管理错误漏洞 | NodeJS | Node | 高危 | - | 2020-11-19 00:32:13 | Deep Dive |
| CVE-2020-8582 | NetApp Element Software 安全漏洞 | - | NetApp SolidFire & HCI Storage Node (Element Software) | 中危 | - | 2020-11-13 15:16:24 | Deep Dive |
| CVE-2020-8583 | NetApp Element Software 安全漏洞 | - | NetApp SolidFire & HCI Storage Node (Element Software) ) | 高危 | - | 2020-11-13 15:14:36 | Deep Dive |
| CVE-2020-7740 | Server-side Request Forgery (SSRF) | - | node-pdf-generator | High | 8.2 | 2020-10-06 16:40:13 | Deep Dive |