Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Insecure Credential Comparison
safe-compare >=1.1.0 <1.1.2 npm 17 Apr, 2018
  • L
Cross-site Scripting (XSS)
public <=0.1.3 npm 17 Apr, 2018
  • L
Prototype Pollution
merge-recursive <=0.0.3 npm 17 Apr, 2018
  • L
Prototype Pollution
merge-options <=1.0.0 npm 17 Apr, 2018
  • L
Prototype Pollution
merge-objects <=1.0.5 npm 17 Apr, 2018
  • L
Cross-site Scripting (XSS)
glance <=3.0.5 npm 17 Apr, 2018
  • L
Prototype Pollution
deap <1.0.1 npm 17 Apr, 2018
  • L
Regular Expression Denial of Service (ReDoS)
plist >=1.2.0 <3.0.1 npm 15 Apr, 2018
  • L
Regular Expression Denial of Service (ReDoS)
is-url <1.2.4 npm 15 Apr, 2018
  • L
Regular Expression Denial of Service (ReDoS)
ducktype <1.2.1 npm 15 Apr, 2018
  • L
Regular Expression Denial of Service (ReDoS)
simpl-schema <1.5.0 npm 15 Apr, 2018
  • H
Cross-site Scripting (XSS)
bracket-template * npm 15 Apr, 2018
  • H
Regular Expression Denial of Service (ReDoS)
sshpk <1.14.1 npm 09 Apr, 2018
  • H
Uninitialized Memory Exposure
http-proxy-agent <2.0.0 npm 09 Apr, 2018
  • M
Cross-site Request Forgery (CSRF)
auth0-lock <11.0.0 npm 09 Apr, 2018
  • M
Cross-site Request Forgery (CSRF)
auth0-js <9.0.0 npm 09 Apr, 2018
  • M
Arbitrary Code Injection
mol-proto <1.0.6 npm 08 Apr, 2018
  • M
Cross-site Scripting (XSS)
kibana >=5.1.1 <5.6.6 || >=6.0.0 <6.1.2 npm 08 Apr, 2018
  • H
Denial of Service (DoS)
kibana <5.2.1 npm 08 Apr, 2018
  • M
Cross-site Scripting (XSS)
kibana <5.4.1 npm 08 Apr, 2018
  • H
Uninitialized Memory Exposure
https-proxy-agent <2.2.0 npm 08 Apr, 2018
  • H
Arbitrary Command Injection
whereis <0.4.1 npm 02 Apr, 2018
  • H
Cross-site Scripting (XSS)
metascraper * npm 02 Apr, 2018
  • H
Arbitrary Code Execution
electron >=1.7 <1.7.13 || >=0.8 <1.8.4 || >=2.0.0 <2.0.0-beta.4 npm 27 Mar, 2018
  • M
Improper Input Validation
insight-api * npm 27 Mar, 2018
  • L
Regular Expression Denial of Service (ReDoS)
eslint <4.18.2 npm 22 Mar, 2018
  • M
Access Restriction Bypass
npm <5.7.1 npm 21 Mar, 2018
  • H
XML External Entity (XXE) Injection
mxgraph <3.7.6 npm 21 Mar, 2018
  • M
Information Exposure
cordova-plugin-ios-keychain * npm 21 Mar, 2018
  • M
Cross-site Scripting (XSS)
bui * npm 21 Mar, 2018