Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Show:
Report a new vulnerability
Vulnerability Affects Type Published
  • M
Arbitrary Command Injection 		kill-port <1.3.2 npm 18 Mar, 2019
  • M
Cross-site Scripting (XSS) 		simple-markdown <0.4.4 npm 17 Mar, 2019
  • M
Cross-site Scripting (XSS) 		editor.md * npm 13 Mar, 2019
  • H
Arbitrary File Write via Archive Extraction (Zip Slip) 		react-native-code-push >=1.7.0 npm 11 Mar, 2019
  • H
Arbitrary Code Execution 		safer-eval <1.3.2 npm 11 Mar, 2019
  • M
Cross-site Scripting (XSS) 		react-json-pretty <2.0.1 npm 06 Mar, 2019
  • H
Cross-site Scripting (XSS) 		embark <4.0.0 npm 03 Mar, 2019
  • M
Cross-site Scripting (XSS) 		eslint-plugin-no-unsanitized >=3.0.1 npm 01 Mar, 2019
  • L
Timing Attack 		safe-compare >=1.0.4 <1.1.4 npm 01 Mar, 2019
  • H
Cross-site Scripting (XSS) 		bootstrap-select <1.13.6 npm 28 Feb, 2019
  • M
Cross-site Scripting (XSS) 		summernote * npm 28 Feb, 2019
  • M
Content Injection 		embark <=3.2.7 npm 27 Feb, 2019
  • M
Insufficient Entropy 		cryptr * npm 26 Feb, 2019
  • M
Insecure Randomness 		reveal.js * npm 26 Feb, 2019
  • H
Directory Traversal 		total.js >=2.1.0 <2.1.1,>=2.2.0 <2.2.1,>=2.3.0 <2.3.1,>=2.4.0 <2.4.1,>=2.5.0 <2.5.1,>=2.6.0 <2.6.3,>=2.7.0 <2.7.1,>=2.8.0 <2.8.1,>=2.9.0 <2.9.5,>=3.0.0 <3.0.1,>=3.1.0 <3.1.1,>=3.2.0 <3.2.4 npm 20 Feb, 2019
  • M
Improper Access Control 		thrift >=0.9.2 <0.11.0 npm 17 Feb, 2019
  • M
Cross-site Scripting (XSS) 		bootstrap <3.4.1,>=4.0.0 <4.3.1 npm 15 Feb, 2019
  • H
Remote Code Execution (RCE) 		office-converter * npm 14 Feb, 2019
  • H
Arbitrary Code Execution 		static-eval <2.0.2 npm 14 Feb, 2019
  • H
Prototype Pollution 		handlebars <4.0.13 npm 14 Feb, 2019
  • H
Remote Code Execution (RCE) 		node-os-utils * npm 14 Feb, 2019
  • M
Denial of Service (DoS) 		url-relative * npm 14 Feb, 2019
  • L
Denial of Service (DoS) 		ircdkit * npm 13 Feb, 2019
  • H
Information Exposure 		pem <1.13.2 npm 13 Feb, 2019
  • H
Access Restriction Bypass 		browserify-hmr * npm 13 Feb, 2019
  • H
Malicious Package 		boogeyman * npm 13 Feb, 2019
  • M
Directory Traversal 		@vivaxy/here <3.2.2 npm 13 Feb, 2019
  • H
Improper Key Verification 		ipns >=0.1.1 <0.1.3 npm 13 Feb, 2019
  • M
Cross-site Scripting (XSS) 		mobius1-selectr >=2.0.0 npm 12 Feb, 2019
  • M
Cross-site Scripting (XSS) 		node-red-dashboard <=2.13.2 npm 11 Feb, 2019
Subscribe to RSS feed