Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Show:
Report a new vulnerability
Subscribe to RSS feed
Vulnerability Affects Type Published
  • M
Insecure Credential Comparison 		safe-compare >=1.1.0 <1.1.2 npm 17 Apr, 2018
  • L
Cross-site Scripting (XSS) 		public <=0.1.3 npm 17 Apr, 2018
  • L
Prototype Pollution 		merge-recursive <=0.0.3 npm 17 Apr, 2018
  • L
Prototype Pollution 		merge-options <=1.0.0 npm 17 Apr, 2018
  • L
Prototype Pollution 		merge-objects <=1.0.5 npm 17 Apr, 2018
  • L
Cross-site Scripting (XSS) 		glance <=3.0.5 npm 17 Apr, 2018
  • L
Prototype Pollution 		deap <1.0.1 npm 17 Apr, 2018
  • L
Regular Expression Denial of Service (ReDoS) 		plist >=1.2.0 <3.0.1 npm 15 Apr, 2018
  • L
Regular Expression Denial of Service (ReDoS) 		is-url <1.2.4 npm 15 Apr, 2018
  • L
Regular Expression Denial of Service (ReDoS) 		ducktype <1.2.1 npm 15 Apr, 2018
  • L
Regular Expression Denial of Service (ReDoS) 		simpl-schema <1.5.0 npm 15 Apr, 2018
  • H
Cross-site Scripting (XSS) 		bracket-template * npm 15 Apr, 2018
  • H
Regular Expression Denial of Service (ReDoS) 		sshpk <1.14.1 npm 09 Apr, 2018
  • H
Uninitialized Memory Exposure 		http-proxy-agent <2.0.0 npm 09 Apr, 2018
  • M
Cross-site Request Forgery (CSRF) 		auth0-lock <11.0.0 npm 09 Apr, 2018
  • M
Cross-site Request Forgery (CSRF) 		auth0-js <9.0.0 npm 09 Apr, 2018
  • M
Arbitrary Code Injection 		mol-proto <1.0.6 npm 08 Apr, 2018
  • M
Cross-site Scripting (XSS) 		kibana >=5.1.1 <5.6.6 || >=6.0.0 <6.1.2 npm 08 Apr, 2018
  • H
Denial of Service (DoS) 		kibana <5.2.1 npm 08 Apr, 2018
  • M
Cross-site Scripting (XSS) 		kibana <5.4.1 npm 08 Apr, 2018
  • H
Uninitialized Memory Exposure 		https-proxy-agent <2.2.0 npm 08 Apr, 2018
  • H
Arbitrary Command Injection 		whereis <0.4.1 npm 02 Apr, 2018
  • H
Cross-site Scripting (XSS) 		metascraper * npm 02 Apr, 2018
  • H
Arbitrary Code Execution 		electron >=1.7 <1.7.13 || >=0.8 <1.8.4 || >=2.0.0 <2.0.0-beta.4 npm 27 Mar, 2018
  • M
Improper Input Validation 		insight-api * npm 27 Mar, 2018
  • L
Regular Expression Denial of Service (ReDoS) 		eslint <4.18.2 npm 22 Mar, 2018
  • M
Access Restriction Bypass 		npm <5.7.1 npm 21 Mar, 2018
  • H
XML External Entity (XXE) Injection 		mxgraph <3.7.6 npm 21 Mar, 2018
  • M
Information Exposure 		cordova-plugin-ios-keychain * npm 21 Mar, 2018
  • M
Cross-site Scripting (XSS) 		bui * npm 21 Mar, 2018