Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Show:
Report a new vulnerability
Vulnerability Affects Type Published
  • H
Malicious Package 		portionfatty12 * npm 15 Jan, 2019
  • H
Malicious Package 		rrgod * npm 15 Jan, 2019
  • M
Time of Check Time of Use (TOCTOU) 		chownr <1.1.0 npm 11 Jan, 2019
  • H
Malicious Package 		text-qrcode * npm 10 Jan, 2019
  • M
Information Exposure 		rails-session-decoder * npm 10 Jan, 2019
  • M
Cryptographic Backdoor 		generate-password <1.4.1 npm 10 Jan, 2019
  • M
Directory Traversal 		cordova-plugin-ionic-webview <2.2.0 npm 10 Jan, 2019
  • M
Denial of Service (DoS) 		autolinker * npm 10 Jan, 2019
  • M
Cross-site Scripting (XSS) 		jingo <1.9.2 npm 10 Jan, 2019
  • H
Denial of Service (DoS) 		markdown-it-toc-and-anchor <4.2.0 npm 10 Jan, 2019
  • H
Remote Code Execution 		xterm >=3.8.0 <3.8.1,>=3.9.0 <3.9.2,>=3.10.0 <3.10.1 npm 10 Jan, 2019
  • M
Cross-site Scripting (XSS) 		bootstrap <3.4.0 npm 10 Jan, 2019
  • M
Cross-site Scripting (XSS) 		bootstrap <3.4.0 npm 10 Jan, 2019
  • H
Malicious Package 		commander-js * npm 09 Jan, 2019
  • M
Regular Expression Denial of Service (ReDoS) 		esm <=3.0.84 npm 03 Jan, 2019
  • M
Cross-site Scripting (XSS) 		qunit <=2.8.0 npm 03 Jan, 2019
  • H
Arbitrary Code Execution 		react-dev-utils >=1.0.0 <1.0.4,>=2.0.0 <2.0.2,>=3.0.0 <3.1.2,>=4.0.0 <4.2.2,>=5.0.0 <5.0.2 npm 02 Jan, 2019
  • H
Arbitrary Code Execution 		nuclide <0.290.0 npm 02 Jan, 2019
  • M
Cross-site Scripting (XSS) 		buefy <=0.7.1 npm 31 Dec, 2018
  • M
Regular Expression Denial of Service (ReDoS) 		uap-core <0.6.0 npm 30 Dec, 2018
  • M
Cross-site Scripting (XSS) 		rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • H
Denial of Service (DoS) 		rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • H
Information Exposure 		rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • M
Arbitrary File Read 		rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • H
Prototype Pollution 		mpath <0.5.1 npm 12 Dec, 2018
  • H
Prototype pollution 		mergify * npm 12 Dec, 2018
  • L
Denial of Service 		just-extend <4.0.0 npm 12 Dec, 2018
  • M
Directory Traversal 		simplehttpserver * npm 29 Nov, 2018
  • H
Malicious Package 		event-stream =3.3.6 npm 26 Nov, 2018
  • H
Malicious Package 		flatmap-stream * npm 26 Nov, 2018
Subscribe to RSS feed