Vulnerability DB

Vulnerability	Affects	Type	Published
M Arbitrary Command Execution	@knutkirkhorn/free-space <1.3.0	npm	18 Sep, 2020
M Command Injection	node-idevice *	npm	17 Sep, 2020
H Remote Code Execution (RCE)	heroku-exec-util *	npm	16 Sep, 2020
H Improper Authentication	authmagic-timerange-stateless-core *	npm	16 Sep, 2020
H Regular Expression Denial of Service (ReDoS)	ua-parser-js <0.7.22	npm	16 Sep, 2020
H Command Injection	alfred-workflow-nodejs *	npm	15 Sep, 2020
H Malicious Package	nagibabel *	npm	15 Sep, 2020
M Information Exposure	renovate >=19.180.0 <23.25.1	npm	15 Sep, 2020
L Cross-site Scripting (XSS)	flsaba *	npm	14 Sep, 2020
H Prototype pollution	keyd *	npm	14 Sep, 2020
H Prototype pollution	objtools *	npm	14 Sep, 2020
H Remote Code Execution (RCE)	notevil *	npm	14 Sep, 2020
M Denial of Service (DoS)	passport-azure-ad <4.3.0	npm	14 Sep, 2020
M Cross-site Scripting (XSS)	trezor-connect <8.1.12	npm	13 Sep, 2020
H Cross-site Scripting (XSS)	joplin <1.1.1	npm	13 Sep, 2020
M Denial of Service	node-fetch <2.6.1,>=3.0.0-beta.1 <3.0.0-beta.9	npm	11 Sep, 2020
M Prototype Pollution	json-logic-js *	npm	11 Sep, 2020
H Denial of Service (DoS)	bcoin >=1.0.0-pre <1.0.2	npm	11 Sep, 2020
M Cross-site Scripting (XSS)	zulip <5.4.3	npm	11 Sep, 2020
M Improper Input Validation	personnummer <3.1.0	npm	10 Sep, 2020
M Denial of Service (DoS)	hermes-engine <0.7.0	npm	10 Sep, 2020
M Out-of-Bounds	hermes-engine <0.7.0	npm	10 Sep, 2020
M Denial of Service (DoS)	hermes-engine <0.7.0	npm	10 Sep, 2020
M Authentication Bypass	node-lemonldap-ng-handler <0.5.2	npm	10 Sep, 2020
M Cross-site Scripting (XSS)	bitcore-node <8.22.2	npm	10 Sep, 2020
M Improper Authorization	parse-server *	npm	10 Sep, 2020
H Arbitrary Code Execution	sanitize-html <2.0.0-beta	npm	07 Sep, 2020
H Server-side Request Forgery (SSRF)	@uppy/companion <1.9.3	npm	06 Sep, 2020
H Prototype Pollution	extend-merge <1.0.6	npm	06 Sep, 2020
H Directory Traversal	static-server-gx *	npm	03 Sep, 2020