Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
API Admin Auth Weakness
tomato <0.0.6 npm 07 Mar, 2013
  • H
Unauthenticated Remote Command Injection
ep_imageconvert <=0.0.2 npm 06 May, 2013
  • M
Command Injection
hubot-scripts <= 2.4.3 npm 15 May, 2013
  • H
Potential Command Injection
libnotify <= 1.0.3 npm 15 May, 2013
  • M
Code Execution due to Deserialization
js-yaml <2.0.5 npm 23 Jun, 2013
  • M
Cross-site Scripting (XSS)
connect <2.8.2 npm 30 Jun, 2013
  • M
Cross-site Scripting (XSS)
validator <1.1.1 npm 05 Jul, 2013
  • H
Arbitrary Command Injection
codem-transcode <0.5.0 npm 07 Jul, 2013
  • H
Regular Expression Denial of Service (ReDoS)
marked <0.3.4 npm 30 Jan, 2014
  • M
Multiple Content Injection Vulnerabilities
marked <=0.3.0 npm 30 Jan, 2014
  • M
VBScript Content Injection
marked <0.3.3 npm 30 Jan, 2014
  • H
Heap-based Buffer Overflow
libyaml <0.2.3 npm 04 Feb, 2014
  • M
Directory Traversal
st <0.2.5 npm 06 Feb, 2014
  • M
Arbitrary Command Injection
printer <= 0.0.1 npm 06 Mar, 2014
  • H
Denial of Service (DoS)
yar <2.2.0 npm 16 Jun, 2014
  • H
Denial of Service (DoS)
hapi >=2.0.0 <2.2.0 npm 08 Jul, 2014
  • H
Rosetta-flash jsonp vulnerability
hapi < 6.1.0 npm 08 Jul, 2014
  • M
Potential Script Injection
syntax-error < 1.1.1 npm 15 Jul, 2014
  • M
CORS Token Disclosure
crumb <3.0.0 npm 01 Aug, 2014
  • H
Denial of Service (DoS)
qs <1.0.0 npm 06 Aug, 2014
  • M
Denial of Service (DoS)
qs <1.0.0 npm 06 Aug, 2014
  • M
Cross-site Scripting (XSS)
express <3.11.0,>=4.0.0 <4.5.0 npm 12 Sep, 2014
  • M
Directory Traversal
send < 0.8.4 npm 12 Sep, 2014
  • M
Arbitrary JavaScript Code Injection
bassmaster <=1.5.1 npm 27 Sep, 2014
  • M
Cross-site Scripting (XSS)
validator <2.0.0 npm 27 Oct, 2014
  • M
Arbitrary Command Injection
dns-sync <0.1.3 npm 11 Nov, 2014
  • H
Regular Expression Denial of Service (ReDoS)
validator >=0.1.0 <3.22.1 npm 12 Nov, 2014
  • M
Content Injection
remarkable <1.4.1 npm 13 Nov, 2014
  • M
Directory Traversal
nhouston * npm 13 Nov, 2014
  • M
Directory Traversal
fancy-server <0.1.4 npm 14 Nov, 2014