Vulnerabilities > Nodejs > Node JS > High

DATE CVE VULNERABILITY TITLE RISK
2019-08-13 CVE-2019-9514 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service.
7.5
2019-08-13 CVE-2019-9513
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service.
7.5
2019-08-13 CVE-2019-9512 Resource Exhaustion vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service.
network
low complexity
apple apache debian nodejs CWE-400
7.5
2019-08-13 CVE-2019-9511 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service.
7.5
2019-03-28 CVE-2019-5737 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly.
network
low complexity
nodejs opensuse CWE-770
7.5
2018-06-13 CVE-2018-7162 Improper Input Validation vulnerability in Nodejs Node.Js
All versions of Node.js 9.x and 10.x are vulnerable and the severity is HIGH.
network
low complexity
nodejs CWE-20
7.8
2018-06-13 CVE-2018-7161 Improper Input Validation vulnerability in Nodejs Node.Js
All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the severity is HIGH.
network
low complexity
nodejs CWE-20
7.8
2018-06-12 CVE-2018-0732 Key Management Errors vulnerability in multiple products
During key agreement in a TLS handshake using a DH(E)-based ciphersuite, a malicious server can send a very large prime value to the client.
network
low complexity
openssl debian canonical nodejs CWE-320
7.5
2018-05-17 CVE-2018-7160 Authentication Bypass by Spoofing vulnerability in Nodejs Node.Js
The Node.js inspector, in 6.x and later, is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution.
network
low complexity
nodejs CWE-290
8.8
2017-07-07 CVE-2017-1000381 Information Exposure vulnerability in multiple products
The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed-in DNS response packet was crafted in a particular way.
network
low complexity
c-ares-project c-ares nodejs CWE-200
7.5