Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
npm vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-3773
There is a stored Cross-Site Scripting vulnerability in Open Graph meta properties read by the `metascrape` npm module <= 3.9.2.
Metascraper Project Metascraper
7.5
CVSSv3
CVE-2017-16053
`fabric-js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Fabric-js Project Fabric-js
7.5
CVSSv3
CVE-2017-16059
mssql-node was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Mssql-node Project Mssql-node
7.5
CVSSv3
CVE-2017-16062
node-tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Node-tkinter Project Node-tkinter
7.5
CVSSv3
CVE-2017-16063
node-opensl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Node-opensl Project Node-opensl
7.5
CVSSv3
CVE-2017-16064
node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Node-openssl Project Node-openssl
7.5
CVSSv3
CVE-2017-16067
node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Node-opencv Project Node-opencv
7.5
CVSSv3
CVE-2017-16071
nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Nodemailer-js Project Nodemailer-js
7.5
CVSSv3
CVE-2017-16075
http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Http-proxy.js Project Http-proxy.js
7.5
CVSSv3
CVE-2017-16081
cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Cross-env.js Project Cross-env.js
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »