Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
Malicious Package
rrgod * npm 15 Jan, 2019
  • H
Malicious Package
text-qrcode * npm 10 Jan, 2019
  • M
Information Exposure
rails-session-decoder * npm 10 Jan, 2019
  • H
Denial of Service (DoS)
markdown-it-toc-and-anchor <4.2.0 npm 10 Jan, 2019
  • M
Cross-site Scripting (XSS)
jingo <1.9.2 npm 10 Jan, 2019
  • M
Cryptographic Backdoor
generate-password <1.4.1 npm 10 Jan, 2019
  • M
Directory Traversal
cordova-plugin-ionic-webview <2.2.0 npm 10 Jan, 2019
  • M
Denial of Service (DoS)
autolinker <3.0.0 npm 10 Jan, 2019
  • H
Remote Code Execution
xterm >=3.8.0 <3.8.1,>=3.9.0 <3.9.2,>=3.10.0 <3.10.1 npm 10 Jan, 2019
  • M
Cross-site Scripting (XSS)
bootstrap <3.4.0 npm 10 Jan, 2019
  • M
Cross-site Scripting (XSS)
bootstrap <3.4.0 npm 10 Jan, 2019
  • H
Malicious Package
commander-js * npm 09 Jan, 2019
  • M
Regular Expression Denial of Service (ReDoS)
esm <=3.0.84 npm 03 Jan, 2019
  • M
Cross-site Scripting (XSS)
qunit <=2.8.0 npm 03 Jan, 2019
  • H
Cross-site Scripting (XSS)
ids-enterprise <4.15.0 npm 03 Jan, 2019
  • H
Arbitrary Code Execution
react-dev-utils >=1.0.0 <1.0.4,>=2.0.0 <2.0.2,>=3.0.0 <3.1.2,>=4.0.0 <4.2.2,>=5.0.0 <5.0.2 npm 02 Jan, 2019
  • H
Arbitrary Code Execution
nuclide <0.290.0 npm 02 Jan, 2019
  • M
Cross-site Scripting (XSS)
buefy <=0.7.1 npm 31 Dec, 2018
  • M
Regular Expression Denial of Service (ReDoS)
uap-core <0.6.0 npm 30 Dec, 2018
  • H
Remote Code Execution (RCE)
pomelo-monitor * npm 28 Dec, 2018
  • M
Cross-site Scripting (XSS)
rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • H
Denial of Service (DoS)
rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • H
Information Exposure
rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • M
Arbitrary File Read
rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • H
Prototype Pollution
mpath <0.5.1 npm 12 Dec, 2018
  • L
Denial of Service (DoS)
just-extend <4.0.0 npm 12 Dec, 2018
  • H
Prototype pollution
mergify * npm 12 Dec, 2018
  • M
Directory Traversal
simplehttpserver * npm 29 Nov, 2018
  • H
Malicious Package
event-stream =3.3.6 npm 26 Nov, 2018
  • H
Malicious Package
flatmap-stream * npm 26 Nov, 2018