Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
Command Injection
alfred-workflow-nodejs * npm 15 Sep, 2020
  • H
Malicious Package
nagibabel * npm 15 Sep, 2020
  • M
Information Exposure
renovate >=19.180.0 <23.25.1 npm 15 Sep, 2020
  • L
Cross-site Scripting (XSS)
flsaba * npm 14 Sep, 2020
  • H
Prototype pollution
keyd * npm 14 Sep, 2020
  • H
Prototype pollution
objtools * npm 14 Sep, 2020
  • H
Remote Code Execution (RCE)
notevil * npm 14 Sep, 2020
  • M
Denial of Service (DoS)
passport-azure-ad <4.3.0 npm 14 Sep, 2020
  • M
Cross-site Scripting (XSS)
trezor-connect <8.1.12 npm 13 Sep, 2020
  • H
Cross-site Scripting (XSS)
joplin <1.1.1 npm 13 Sep, 2020
  • M
Denial of Service
node-fetch <2.6.1,>=3.0.0-beta.1 <3.0.0-beta.9 npm 11 Sep, 2020
  • M
Prototype Pollution
json-logic-js * npm 11 Sep, 2020
  • H
Denial of Service (DoS)
bcoin >=1.0.0-pre <1.0.2 npm 11 Sep, 2020
  • M
Cross-site Scripting (XSS)
zulip <5.4.3 npm 11 Sep, 2020
  • M
Improper Input Validation
personnummer <3.1.0 npm 10 Sep, 2020
  • M
Denial of Service (DoS)
hermes-engine <0.7.0 npm 10 Sep, 2020
  • M
Out-of-Bounds
hermes-engine <0.7.0 npm 10 Sep, 2020
  • M
Denial of Service (DoS)
hermes-engine <0.7.0 npm 10 Sep, 2020
  • M
Authentication Bypass
node-lemonldap-ng-handler <0.5.2 npm 10 Sep, 2020
  • M
Cross-site Scripting (XSS)
bitcore-node <8.22.2 npm 10 Sep, 2020
  • M
Improper Authorization
parse-server * npm 10 Sep, 2020
  • H
Arbitrary Code Execution
sanitize-html <2.0.0-beta npm 07 Sep, 2020
  • H
Server-side Request Forgery (SSRF)
@uppy/companion <1.9.3 npm 06 Sep, 2020
  • H
Prototype Pollution
extend-merge <1.0.6 npm 06 Sep, 2020
  • H
Directory Traversal
static-server-gx * npm 03 Sep, 2020
  • H
Cross-site Scripting (XSS)
gitbook <3.2.2 npm 02 Sep, 2020
  • H
Command Injection
bestzip <2.1.7 npm 02 Sep, 2020
  • H
Arbitrary Code Execution
infraserver * npm 02 Sep, 2020
  • H
Prototype Pollution
gedi * npm 01 Sep, 2020
  • H
Prototype Pollution
safe-object2 * npm 01 Sep, 2020