Vulnerability DB

Vulnerability	Affects	Type	Published
M API Admin Auth Weakness	tomato <0.0.6	npm	07 Mar, 2013
H Unauthenticated Remote Command Injection	ep_imageconvert <=0.0.2	npm	06 May, 2013
M Command Injection	hubot-scripts <= 2.4.3	npm	15 May, 2013
H Potential Command Injection	libnotify <= 1.0.3	npm	15 May, 2013
M Code Execution due to Deserialization	js-yaml <2.0.5	npm	23 Jun, 2013
M Cross-site Scripting (XSS)	connect <2.8.2	npm	30 Jun, 2013
M Cross-site Scripting (XSS)	validator <1.1.1	npm	05 Jul, 2013
H Arbitrary Command Injection	codem-transcode <0.5.0	npm	07 Jul, 2013
H Regular Expression Denial of Service (ReDoS)	marked <0.3.4	npm	30 Jan, 2014
M Multiple Content Injection Vulnerabilities	marked <=0.3.0	npm	30 Jan, 2014
M VBScript Content Injection	marked <0.3.3	npm	30 Jan, 2014
H Heap-based Buffer Overflow	libyaml <0.2.3	npm	04 Feb, 2014
M Directory Traversal	st <0.2.5	npm	06 Feb, 2014
M Arbitrary Command Injection	printer <= 0.0.1	npm	06 Mar, 2014
H Denial of Service (DoS)	yar <2.2.0	npm	16 Jun, 2014
H Denial of Service (DoS)	hapi >=2.0.0 <2.2.0	npm	08 Jul, 2014
H Rosetta-flash jsonp vulnerability	hapi < 6.1.0	npm	08 Jul, 2014
M Potential Script Injection	syntax-error < 1.1.1	npm	15 Jul, 2014
M CORS Token Disclosure	crumb <3.0.0	npm	01 Aug, 2014
H Denial of Service (DoS)	qs <1.0.0	npm	06 Aug, 2014
M Denial of Service (DoS)	qs <1.0.0	npm	06 Aug, 2014
M Cross-site Scripting (XSS)	express <3.11.0,>=4.0.0 <4.5.0	npm	12 Sep, 2014
M Directory Traversal	send < 0.8.4	npm	12 Sep, 2014
M Arbitrary JavaScript Code Injection	bassmaster <=1.5.1	npm	27 Sep, 2014
M Cross-site Scripting (XSS)	validator <2.0.0	npm	27 Oct, 2014
M Arbitrary Command Injection	dns-sync <0.1.3	npm	11 Nov, 2014
H Regular Expression Denial of Service (ReDoS)	validator >=0.1.0 <3.22.1	npm	12 Nov, 2014
M Content Injection	remarkable <1.4.1	npm	13 Nov, 2014
M Directory Traversal	nhouston *	npm	13 Nov, 2014
M Directory Traversal	fancy-server <0.1.4	npm	14 Nov, 2014