Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Arbitrary Command Injection
kill-port <1.3.2 npm 18 Mar, 2019
  • M
Cross-site Scripting (XSS)
simple-markdown <0.4.4 npm 17 Mar, 2019
  • M
Cross-site Scripting (XSS)
editor.md * npm 13 Mar, 2019
  • H
Arbitrary File Write via Archive Extraction (Zip Slip)
react-native-code-push >=1.7.0 npm 11 Mar, 2019
  • H
Arbitrary Code Execution
safer-eval <1.3.2 npm 11 Mar, 2019
  • M
Cross-site Scripting (XSS)
react-json-pretty <2.0.1 npm 06 Mar, 2019
  • H
Cross-site Scripting (XSS)
embark <4.0.0 npm 03 Mar, 2019
  • M
Cross-site Scripting (XSS)
eslint-plugin-no-unsanitized >=3.0.1 npm 01 Mar, 2019
  • L
Timing Attack
safe-compare >=1.0.4 <1.1.4 npm 01 Mar, 2019
  • H
Cross-site Scripting (XSS)
bootstrap-select <1.13.6 npm 28 Feb, 2019
  • M
Cross-site Scripting (XSS)
summernote * npm 28 Feb, 2019
  • M
Content Injection
embark <=3.2.7 npm 27 Feb, 2019
  • M
Insufficient Entropy
cryptr * npm 26 Feb, 2019
  • M
Insecure Randomness
reveal.js * npm 26 Feb, 2019
  • H
Directory Traversal
total.js >=2.1.0 <2.1.1,>=2.2.0 <2.2.1,>=2.3.0 <2.3.1,>=2.4.0 <2.4.1,>=2.5.0 <2.5.1,>=2.6.0 <2.6.3,>=2.7.0 <2.7.1,>=2.8.0 <2.8.1,>=2.9.0 <2.9.5,>=3.0.0 <3.0.1,>=3.1.0 <3.1.1,>=3.2.0 <3.2.4 npm 20 Feb, 2019
  • M
Improper Access Control
thrift >=0.9.2 <0.11.0 npm 17 Feb, 2019
  • M
Cross-site Scripting (XSS)
bootstrap <3.4.1,>=4.0.0 <4.3.1 npm 15 Feb, 2019
  • H
Remote Code Execution (RCE)
office-converter * npm 14 Feb, 2019
  • H
Arbitrary Code Execution
static-eval <2.0.2 npm 14 Feb, 2019
  • H
Prototype Pollution
handlebars <4.0.13 npm 14 Feb, 2019
  • H
Remote Code Execution (RCE)
node-os-utils * npm 14 Feb, 2019
  • M
Denial of Service (DoS)
url-relative * npm 14 Feb, 2019
  • L
Denial of Service (DoS)
ircdkit * npm 13 Feb, 2019
  • H
Information Exposure
pem <1.13.2 npm 13 Feb, 2019
  • H
Access Restriction Bypass
browserify-hmr * npm 13 Feb, 2019
  • H
Malicious Package
boogeyman * npm 13 Feb, 2019
  • M
Directory Traversal
@vivaxy/here <3.2.2 npm 13 Feb, 2019
  • H
Improper Key Verification
ipns >=0.1.1 <0.1.3 npm 13 Feb, 2019
  • M
Cross-site Scripting (XSS)
mobius1-selectr >=2.0.0 npm 12 Feb, 2019
  • M
Cross-site Scripting (XSS)
node-red-dashboard <=2.13.2 npm 11 Feb, 2019