Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
Malicious Package
commander-js * npm 09 Jan, 2019
  • M
Cross-site Scripting (XSS)
qunit <2.9.0 npm 03 Jan, 2019
  • M
Regular Expression Denial of Service (ReDoS)
esm <3.1.0 npm 03 Jan, 2019
  • H
Cross-site Scripting (XSS)
ids-enterprise <4.15.0 npm 03 Jan, 2019
  • H
Arbitrary Code Execution
react-dev-utils >=1.0.0 <1.0.4,>=2.0.0 <2.0.2,>=3.0.0 <3.1.2,>=4.0.0 <4.2.2,>=5.0.0 <5.0.2 npm 02 Jan, 2019
  • H
Arbitrary Code Execution
nuclide <0.290.0 npm 02 Jan, 2019
  • M
Cross-site Scripting (XSS)
buefy <0.7.2 npm 31 Dec, 2018
  • M
Regular Expression Denial of Service (ReDoS)
uap-core <0.6.0 npm 30 Dec, 2018
  • H
Remote Code Execution (RCE)
pomelo-monitor * npm 28 Dec, 2018
  • M
Cross-site Scripting (XSS)
rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • H
Denial of Service (DoS)
rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • H
Information Exposure
rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • M
Arbitrary File Read
rendertron-middleware <0.1.3 npm 18 Dec, 2018
  • H
Prototype Pollution
mpath <0.5.1 npm 12 Dec, 2018
  • L
Denial of Service (DoS)
just-extend <4.0.0 npm 12 Dec, 2018
  • H
Prototype pollution
mergify * npm 12 Dec, 2018
  • M
Directory Traversal
simplehttpserver * npm 29 Nov, 2018
  • H
Malicious Package
event-stream =3.3.6 npm 26 Nov, 2018
  • H
Malicious Package
flatmap-stream * npm 26 Nov, 2018
  • M
HTML Injection
valine <1.3.4 npm 22 Nov, 2018
  • L
Arbitrary Code Execution
jquery-file-upload * npm 22 Nov, 2018
  • M
Cross-site Scripting (XSS)
inline-source <6.1.7 npm 22 Nov, 2018
  • H
Privilege Escalation
auth0-js <8.0.0 npm 22 Nov, 2018
  • M
Arbitrary Command Execution
kibana <5.3.13,>=6.4.0 <6.4.3 npm 22 Nov, 2018
  • M
Cross-site Scripting (XSS)
serve-handler <5.0.3 npm 19 Nov, 2018
  • M
Cross-site Scripting (XSS)
ckeditor >=4.0.0 <4.11.0 npm 19 Nov, 2018
  • H
Improper Verification of Signature
samlify <2.4.0 npm 15 Nov, 2018
  • M
Arbitrary Code Injection
morgan <1.9.1 npm 12 Nov, 2018
  • H
Cross-site Scripting (XSS)
tianma-static * npm 08 Nov, 2018
  • H
Directory Traversal
takeapeek * npm 08 Nov, 2018