|
Sandbox Bypass
|
vm2
<3.6.11
|
npm
|
16 Oct, 2019
|
|
Relative Path Overwrite (RPO)
|
swagger-ui
<3.23.11
|
npm
|
11 Oct, 2019
|
|
Information Exposure
|
mongoose
<5.7.5
|
npm
|
10 Oct, 2019
|
|
Regular Expression Denial of Service (ReDoS)
|
simple-markdown
*
|
npm
|
09 Oct, 2019
|
|
Regular Expression Denial of Service (ReDoS)
|
markdown-it
<10.0.0
|
npm
|
09 Oct, 2019
|
|
Path Traversal
|
statics-server
*
|
npm
|
08 Oct, 2019
|
|
SQL Injection
|
knex
<0.19.5
|
npm
|
07 Oct, 2019
|
|
Cross-site Scripting (XSS)
|
node-red-dashboard
<2.17.0
|
npm
|
07 Oct, 2019
|
|
Denial of Service (DoS)
|
angular
<1.6.3
|
npm
|
04 Oct, 2019
|
|
Cross-site Scripting (XSS)
|
angular
<1.6.5
|
npm
|
04 Oct, 2019
|
|
Cross-site Scripting (XSS)
|
angular
<1.6.0-rc.0
|
npm
|
04 Oct, 2019
|
|
Authentication Bypass
|
http-auth
<3.2.4
|
npm
|
03 Oct, 2019
|
|
Outdated Static Dependency
|
ses
<0.6.3
|
npm
|
03 Oct, 2019
|
|
Sandbox Breakout
|
realms-shim
<1.2.0
|
npm
|
03 Oct, 2019
|
|
Denial of Service (DoS)
|
apostrophe
<2.97.1
|
npm
|
03 Oct, 2019
|
|
Malicious Package
|
comander
*
|
npm
|
03 Oct, 2019
|
|
Malicious Package
|
bmap
<1.0.3
|
npm
|
03 Oct, 2019
|
|
Malicious Package
|
pizza-pasta
=1.0.3
|
npm
|
03 Oct, 2019
|
|
Malicious Package
|
8.9.4
*
|
npm
|
03 Oct, 2019
|
|
Malicious Package
|
ember_cli_babe
*
|
npm
|
03 Oct, 2019
|
|
Malicious Package
|
log-symboles
*
|
npm
|
03 Oct, 2019
|
|
Malicious Package
|
require-port
=1.0.0
|
npm
|
03 Oct, 2019
|
|
Malicious Package
|
uglyfi.js
*
|
npm
|
03 Oct, 2019
|
|
Malicious Package
|
yeoman-genrator
=2.0.2
|
npm
|
03 Oct, 2019
|
|
Man-in-the-Middle (MitM)
|
https-proxy-agent
<3.0.0
|
npm
|
02 Oct, 2019
|
|
Reverse Tabnabbing
|
showdown
*
|
npm
|
01 Oct, 2019
|
|
Information Exposure
|
pem
<1.13.2
|
npm
|
29 Sep, 2019
|
|
Configuration Override
|
helmet-csp
>=1.2.2 <2.9.2
|
npm
|
29 Sep, 2019
|
|
Denial of Service (DoS)
|
http-live-simulator
>=1.0.7 <1.0.8
|
npm
|
27 Sep, 2019
|
|
Cross-site Scripting (XSS)
|
pdfjs-dist
<2.0.943
|
npm
|
26 Sep, 2019
|