Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
Remote Code Execution (RCE)
office-converter * npm 14 Feb, 2019
  • H
Arbitrary Code Execution
static-eval * npm 14 Feb, 2019
  • H
Prototype Pollution
handlebars <4.0.13 npm 14 Feb, 2019
  • H
Remote Code Execution (RCE)
node-os-utils * npm 14 Feb, 2019
  • M
Denial of Service (DoS)
url-relative * npm 14 Feb, 2019
  • L
Denial of Service (DoS)
ircdkit * npm 13 Feb, 2019
  • H
Information Exposure
pem <1.13.2 npm 13 Feb, 2019
  • H
Access Restriction Bypass
browserify-hmr * npm 13 Feb, 2019
  • H
Malicious Package
boogeyman * npm 13 Feb, 2019
  • M
Directory Traversal
@vivaxy/here <3.2.2 npm 13 Feb, 2019
  • H
Improper Key Verification
ipns >=0.1.1 <0.1.3 npm 13 Feb, 2019
  • M
Cross-site Scripting (XSS)
node-red-dashboard <=2.13.2 npm 11 Feb, 2019
  • H
Malicious Package
stream-combine =2.0.2 npm 10 Feb, 2019
  • M
Regular Expression Denial of Service (ReDoS)
lodash <4.17.11 npm 03 Feb, 2019
  • H
Directory Traversal
static-resource-server * npm 01 Feb, 2019
  • L
Prototype Pollution
node.extend <1.1.7,>=2.0.0 <2.0.1 npm 01 Feb, 2019
  • L
Prototype Pollution
lodash <4.17.11 npm 01 Feb, 2019
  • M
Cross-site Scripting (XSS)
html-pages * npm 01 Feb, 2019
  • M
Regular Expression Denial of Service (ReDoS)
marked >=0.5.0 npm 30 Jan, 2019
  • M
Regular Expression Denial of Service (ReDoS)
remove-markdown * npm 29 Jan, 2019
  • M
Cross-site Scripting (XSS)
angucomplete-alt * npm 25 Jan, 2019
  • H
Arbitrary File Write via Archive Extraction (Zip Slip)
bower <1.8.8 npm 25 Jan, 2019
  • H
Arbitrary File Write via Archive Extraction (Zip Slip)
decompress-zip <0.2.2,>=0.3.0 <0.3.2 npm 24 Jan, 2019
  • M
Server-Side Request Forgery (SSRF)
terriajs-server <2.7.4 npm 20 Jan, 2019
  • H
SQL Injection
loopback-connector-mongodb <3.6.0 npm 20 Jan, 2019
  • H
Improper Authorization
loopback >=2.0.0 <2.40.0,>=3.0.0 <3.22.0 npm 20 Jan, 2019
  • M
Cross-site Scripting (XSS)
jquery.terminal <1.21.0 npm 20 Jan, 2019
  • H
Cross-site Scripting (XSS)
bootstrap-vue * npm 20 Jan, 2019
  • H
Directory Traversal
http-live-simulator <1.0.7 npm 20 Jan, 2019
  • H
Malicious Package
portionfatty12 * npm 15 Jan, 2019