| 1 |
DNS rebinding in --inspect (insufficient fix of CVE-2018-7160) |
$500.0 |
| 2 |
Malformed HTTP/2 SETTINGS frame leads to reachable assert |
$250.0 |
| 3 |
napi_get_value_string_X allow various kinds of memory corruption |
$250.0 |
| 4 |
Fastify uses allErrors: true ajv configuration by default which is susceptible to DoS |
$250.0 |
| 5 |
Potential HTTP Request Smuggling in nodejs |
$250.0 |
| 6 |
DNS Max Responses for DOS |
$250.0 |
| 7 |
Denial of Service by resource exhaustion CWE-400 due to unfinished HTTP/1.1 requests |
$250.0 |
| 8 |
Slowloris, body parsing |
$250.0 |
| 9 |
HTTP Request Smuggling due to accepting space before colon |
$250.0 |
| 10 |
HTTP Request Smuggling due to ignoring chunk extensions |
$250.0 |
| 11 |
Built-in TLS module unexpectedly treats "rejectUnauthorized: undefined" as "rejectUnauthorized: false", disabling all certificate validation |
$150.0 |
| 12 |
[serve-here] Static Web Server Directory Traversal via Crafted GET Request |
$0.0 |
| 13 |
[featurebook] Specification Server Directory Traversal via Crafted Browser Request |
$0.0 |
| 14 |
[redis-commander] Reflected SWF XSS via vulnerable "clipboard.swf" component |
$0.0 |
| 15 |
[lactate] Static Web Server Directory Traversal via Crafted GET Request |
$0.0 |
| 16 |
[augustine] Static Web Server Directory Traversal via Crafted GET Request |
$0.0 |
| 17 |
[serve] Directory index of arbitrary folder available due to lack of sanitization of %2e and %2f characters in url |
$0.0 |
| 18 |
[html-janitor] Bypassing sanitization using DOM clobbering |
$0.0 |
| 19 |
[html-janitor] Passing user-controlled data to clean() leads to XSS |
$0.0 |
| 20 |
Prototype pollution attack (lodash) |
$0.0 |
| 21 |
Prototype pollution attack (Hoek) |
$0.0 |
| 22 |
Prototype pollution attack (mixin-deep) |
$0.0 |
| 23 |
Prototype pollution attack (assign-deep) |
$0.0 |
| 24 |
Prototype pollution attack (merge-deep) |
$0.0 |
| 25 |
Prototype pollution attack (defaults-deep) |
$0.0 |
| 26 |
[public] Path Traversal allows to read content of arbitrary files |
$0.0 |
| 27 |
[crud-file-server] Stored XSS in filenames when directory index is served by crud-file-server |
$0.0 |
| 28 |
Path Traversal on Resolve-Path |
$0.0 |
| 29 |
[localhost-now] Path Traversal allows to read content of arbitrary file |
$0.0 |
| 30 |
[626] Path Traversal allows to read arbitrary file from remote server |
$0.0 |
| 31 |
[anywhere] An iframe element with url to malicious HTML file (with eg. JavaScript malware) can be used as filename and served via anywhere |
$0.0 |
| 32 |
[simplehttpserver] Stored XSS in file names leads to malicious JavaScript code execution when directory listing is output in HTML |
$0.0 |
| 33 |
[hekto] Path Traversal vulnerability allows to read content of arbitrary files |
$0.0 |
| 34 |
[uppy] Stored XSS due to crafted SVG file |
$0.0 |
| 35 |
[angular-http-server] Path Traversal in angular-http-server.js allows to read arbitrary file from the remote server |
$0.0 |
| 36 |
[simple-server] HTML with iframe element can be used as filename, which might lead to load and execute malicious JavaScript |
$0.0 |
| 37 |
[glance] Path Traversal in glance static file server allows to read content of arbitrary file |
$0.0 |
| 38 |
[stattic] Inproper path validation leads to Path Traversal and allows to read arbitrary files with any extension(s) |
$0.0 |
| 39 |
[node-srv] Path Traversal allows to read arbitrary files from remote server |
$0.0 |
| 40 |
[general-file-server] Path Traversal vulnerability allows to read content on arbitrary file on the server |
$0.0 |
| 41 |
[serve] Directory listing and File access even when they have been set to be ignored. |
$0.0 |
| 42 |
[metascraper] Stored XSS in Open Graph meta properties read by metascrapper |
$0.0 |
| 43 |
whereis concatenates unsanitized input into exec() command |
$0.0 |
| 44 |
protobufjs is vulnerable to ReDoS when parsing crafted invalid *.proto files |
$0.0 |
| 45 |
https-proxy-agent passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak |
$0.0 |
| 46 |
[crud-file-server] Path Traversal allows to read arbitrary file from the server |
$0.0 |
| 47 |
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys |
$0.0 |
| 48 |
http-proxy-agent passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak |
$0.0 |
| 49 |
atob allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below |
$0.0 |
| 50 |
[bracket-template] Reflected XSS possible when variable passed via GET parameter is used in template |
$0.0 |
| 51 |
[public] Stored XSS in filenames in directory served by public |
$0.0 |
| 52 |
[glance] Stored XSS via file name allows to run arbitrary JavaScript when directory listing is displayed in browser |
$0.0 |
| 53 |
Prototype pollution attack (deap) |
$0.0 |
| 54 |
Prototype pollution attack (deep-extend) |
$0.0 |
| 55 |
Prototype pollution attack (merge-recursive) |
$0.0 |
| 56 |
Prototype pollution attack (merge-options) |
$0.0 |
| 57 |
Prototype pollution attack (merge-objects) |
$0.0 |
| 58 |
[pdfinfojs] Command Injection on filename parameter |
$0.0 |
| 59 |
[mcstatic] Path Traversal allows to read content of arbitrary files |
$0.0 |
| 60 |
[cloudcmd] Stored XSS in the filename when directories listing |
$0.0 |
| 61 |
[angular-http-server] Server Directory Traversal |
$0.0 |
| 62 |
concat-with-sourcemaps allocates uninitialized Buffers when number is passed as a separator |
$0.0 |
| 63 |
foreman is vulnerable to ReDoS in path |
$0.0 |
| 64 |
superstatic is vulnerable to path traversal on Windows |
$0.0 |
| 65 |
stringstream allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below |
$0.0 |
| 66 |
fs-path concatenates unsanitized input into exec()/execSync() commands |
$0.0 |
| 67 |
Bypass to defective fix of Path Traversal |
$0.0 |
| 68 |
[buttle] Remote Command Execution via unsanitized PHP filename when it's run with --php-bin flag |
$0.0 |
| 69 |
command-exists concatenates unsanitized input into exec()/execSync() commands |
$0.0 |
| 70 |
macaddress concatenates unsanitized input into exec() command |
$0.0 |
| 71 |
base64url allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below |
$0.0 |
| 72 |
byte allocates uninitialized buffers and reads data from them past the initialized length |
$0.0 |
| 73 |
npmconf (and npm js api) allocate and write to disk uninitialized memory content when a typed number is passed as input on Node.js 4.x |
$0.0 |
| 74 |
sql does not properly escape parameters when building SQL queries, resulting in potential SQLi |
$0.0 |
| 75 |
base64-url below 2.0 allocates uninitialized Buffers when number is passed in input |
$0.0 |
| 76 |
The react-marked-markdown module allows XSS injection in href values. |
$0.0 |
| 77 |
[query-mysql] SQL Injection due to lack of user input sanitization allows to run arbitrary SQL queries when fetching data from database |
$0.0 |
| 78 |
[html-pages] Path Traversal in html-pages module allows to read any file from the server with curl |
$0.0 |
| 79 |
[hekto] open redirect when target domain name is used as html filename on server |
$0.0 |
| 80 |
[sexstatic] HTML injection in directory name(s) leads to Stored XSS when malicious file is embed with <iframe> element used in directory name |
$0.0 |
| 81 |
Command injection in 'pdf-image' |
$0.0 |
| 82 |
[serve] Directory listing and File access even when they have been set to be ignored (using dot-slash) |
$0.0 |
| 83 |
[localhost-now] bypassing url filter which leads to read content of arbitrary file |
$0.0 |
| 84 |
[serve] Directory listing and File access even when they have been set to be ignored |
$0.0 |
| 85 |
Unrestricted file upload (RCE) |
$0.0 |
| 86 |
registry.nodejs.org Subdomain Takeover |
$0.0 |
| 87 |
[public] Stored XSS in the filename when directories listing |
$0.0 |
| 88 |
[html-pages] Stored XSS in the filename when directories listing |
$0.0 |
| 89 |
[mcstatic] Server Directory Traversal |
$0.0 |
| 90 |
put allocates uninitialized Buffers when non-round numbers are passed in input |
$0.0 |
| 91 |
utile allocates uninitialized Buffers when number is passed in input |
$0.0 |
| 92 |
[file-static-server] Path Traversal allows to read content of arbitrary file on the server |
$0.0 |
| 93 |
Remote Command Execution vulnerability in pullit |
$0.0 |
| 94 |
njwt allocates uninitialized Buffers when number is passed in base64urlEncode input |
$0.0 |
| 95 |
Insecure implementation of deserialization in funcster |
$0.0 |
| 96 |
[git-dummy-commit] Command injection on the msg parameter |
$0.0 |
| 97 |
npm packages that overlap with core node packages |
$0.0 |
| 98 |
Insecure implementation of deserialization in cryo |
$0.0 |
| 99 |
[buttle] Path traversal in mid-buttle module allows to read any file in the server. |
$0.0 |
| 100 |
memjs allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage |
$0.0 |
| 101 |
Privilage escalation with malicious .npmrc |
$0.0 |
| 102 |
[serve] Server Directory Traversal |
$0.0 |
| 103 |
[buttle] HTML Injection in filename leads to XSS when directory listing is displayed in the browser |
$0.0 |
| 104 |
[bruteser] Path Traversal allows to read content of arbitrary file |
$0.0 |
| 105 |
XSS in express-useragent through HTTP User-Agent |
$0.0 |
| 106 |
Privilege escalation allows any user to add an administrator |
$0.0 |
| 107 |
[m-server] Path Traversal allows to display content of arbitrary file(s) from the server |
$0.0 |
| 108 |
[m-server] HTML Injection in filenames displayed as directory listing in the browser allows to embed iframe with malicious JavaScript code |
$0.0 |
| 109 |
[statics-server] XSS via injected iframe in file name when statics-server displays directory index in the browser |
$0.0 |
| 110 |
Your page has 2 blocking CSS resources. This causes a delay in rendering your page. |
$0.0 |
| 111 |
[entitlements] Command injection on the 'path' parameter |
$0.0 |
| 112 |
Stored XSS in Node-Red |
$0.0 |
| 113 |
[ponse] Path traversal in ponse module allows to read any file on server |
$0.0 |
| 114 |
[markdown-pdf] Local file reading |
$0.0 |
| 115 |
stored xss in scrape-metadata when reading metadata from an html page |
$0.0 |
| 116 |
url-parse package return wrong hostname |
$0.0 |
| 117 |
Command Injection Vulnerability in win-fork/win-spawn Packages |
$0.0 |
| 118 |
Arbitrary File Write Through Archive Extraction |
$0.0 |
| 119 |
Arbitrary File Write through archive extraction |
$0.0 |
| 120 |
[flintcms] Account takeover due to blind MongoDB injection in password reset |
$0.0 |
| 121 |
[egg-scripts] Command injection |
$0.0 |
| 122 |
Prototype pollution attack (extend) |
$0.0 |
| 123 |
[simplehttpserver] List any file in the folder by using path traversal. |
$0.0 |
| 124 |
[exceljs] Possible XSS via cell value when worksheet is displayed in browser |
$0.0 |
| 125 |
[samsung-remote] Command injection |
$0.0 |
| 126 |
Command Injection is ps Package |
$0.0 |
| 127 |
[ascii-art] Command injection |
$0.0 |
| 128 |
[express-cart] Customer and admin email enumeration through MongoDB injection |
$0.0 |
| 129 |
http-live-simulator npm module is prone to path traversal attacks |
$0.0 |
| 130 |
Prototype pollution attack (defaults-deep / constructor.prototype) |
$0.0 |
| 131 |
Prototype pollution attack (merge.recursive) |
$0.0 |
| 132 |
Command Injection Vulnerability in libnmap Package |
$0.0 |
| 133 |
[apex-publish-static-files] Command Injection on connectString |
$0.0 |
| 134 |
[serve] XSS via HTML tag injection in directory lisiting page |
$0.0 |
| 135 |
[serve] Stored XSS in the filename when directories listing |
$0.0 |
| 136 |
Samlify is vulnerable to signature wrapping |
$0.0 |
| 137 |
Code Injection Vulnerability in morgan Package |
$0.0 |
| 138 |
[knightjs] Path Traversal allows to read content of arbitrary files |
$0.0 |
| 139 |
[takeapeek] Path traversal allow to expose directory and files |
$0.0 |
| 140 |
[tianma-static] Stored xss on filename |
$0.0 |
| 141 |
Prototype Pollution Vulnerability in cached-path-relative Package |
$0.0 |
| 142 |
Prototype pollution attack (mergify) |
$0.0 |
| 143 |
List any file in the folder by using path traversal |
$0.0 |
| 144 |
flatmap-stream malicious package (distributed via the popular events-stream) |
$0.0 |
| 145 |
Prototype pollution attack in just-extend |
$0.0 |
| 146 |
Prototype Pollution Vulnerability in mpath Package |
$0.0 |
| 147 |
Prototype pollution attack in node.extend |
$0.0 |
| 148 |
Prototype pollution attack (lutils-merge) |
$0.0 |
| 149 |
[http-live-simulator] Path traversal vulnerability |
$0.0 |
| 150 |
[static-resource-server] Path Traversal allows to read content of arbitrary file on the server |
$0.0 |
| 151 |
[buttle] Unsafe rendering of Markdown files |
$0.0 |
| 152 |
Command Injection Vulnerability in kill-port Package |
$0.0 |
| 153 |
[bower] Arbitrary File Write through improper validation of symlinks while package extraction |
$0.0 |
| 154 |
Prototype pollution attack (upmerge) |
$0.0 |
| 155 |
[serve] Access unlisted internal files/folders revealing sensitive information |
$0.0 |
| 156 |
Reflected XSS in the npm module express-cart. |
$0.0 |
| 157 |
[glance] Access unlisted internal files/folders revealing sensitive information |
$0.0 |
| 158 |
[typeorm] SQL Injection |
$0.0 |
| 159 |
Prototype pollution attack through jQuery $.extend |
$0.0 |
| 160 |
Code Injection Vulnerability in dot Package |
$0.0 |
| 161 |
Remote code executio in NPM package getcookies |
$0.0 |
| 162 |
Regular Expression Denial of Service (ReDoS) |
$0.0 |
| 163 |
[statics-server] Path Traversal due to lack of provided path sanitization |
$0.0 |
| 164 |
Media parsing in canvas is at least vulnerable to Denial of Service through multiple vulnerabilities |
$0.0 |
| 165 |
[servey] Path Traversal allows to retrieve content of any file with extension from remote server |
$0.0 |
| 166 |
Prototype pollution attack (smart-extend) |
$0.0 |
| 167 |
Arbitrary file overwrites in node-tar |
$0.0 |
| 168 |
useragent is vulnerable to ReDoS in user-agent string |
$0.0 |
| 169 |
typeorm does not properly escape parameters when building SQL queries, resulting in potential SQLi |
$0.0 |
| 170 |
[harp] Unsafe rendering of Markdown files |
$0.0 |
| 171 |
[harp] File access even when they have been set to be ignored. |
$0.0 |
| 172 |
[harp] Path traversal using symlink |
$0.0 |
| 173 |
A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module for decoding |
$0.0 |
| 174 |
XSS in Bootbox |
$0.0 |
| 175 |
[untitled-model] sql injection |
$0.0 |
| 176 |
[serve-here.js] List any file in the folder by using path traversal. |
$0.0 |
| 177 |
[takeapeek] XSS via HTML tag injection in directory lisiting page |
$0.0 |
| 178 |
[domokeeper] Unintended Require |
$0.0 |
| 179 |
[http-file-server] List any files and sub folders in the folder by using path traversal. |
$0.0 |
| 180 |
[min-http-server] Stored XSS in the filename when directories listing |
$0.0 |
| 181 |
[http-file-server] Stored XSS in the filename when directories listing |
$0.0 |
| 182 |
Yarn transfers npm credentials over unencrypted http connection |
$0.0 |
| 183 |
Multiple HTTP/2 DOS Issues |
$0.0 |
| 184 |
[larvitbase-api] Unintended Require |
$0.0 |
| 185 |
[statichttpserver] List any file in the folder by using path traversal. |
$0.0 |
| 186 |
[public] Path traversal using symlink |
$0.0 |
| 187 |
environment variable leakage in error reporting |
$0.0 |
| 188 |
[larvitbase-www] Unintended Require |
$0.0 |
| 189 |
gitlabhook OS Command Injection |
$0.0 |
| 190 |
[http_server] Stored XSS in the filename when directories listing |
$0.0 |
| 191 |
[https-proxy-agent] Socket returned without TLS upgrade on non-200 CONNECT response, allowing request data to be sent over unencrypted connection |
$0.0 |
| 192 |
Application level denial of service due to shutting down the server |
$0.0 |
| 193 |
Trojan:JS/CoinMiner in npm files |
$0.0 |
| 194 |
Path traversal using symlink |
$0.0 |
| 195 |
Command Injection in npm module name passed as an argument to pm2.install() function |
$0.0 |
| 196 |
Command Injection due to lack of sanitisation of tar.gz filename passed as an argument to pm2.install() function |
$0.0 |
| 197 |
[node-df] RCE via insecure command concatenation |
$0.0 |
| 198 |
indexFile option passed as an argument to node-server can lead to arbitrary file read |
$0.0 |
| 199 |
[treekill] RCE via insecure command concatenation (only Windows) |
$0.0 |
| 200 |
Lodash "difference" (possibly others) Function Denial of Service Through Unvalidated Input |
$0.0 |
| 201 |
[tree-kill] RCE via insecure command concatenation (only Windows) |
$0.0 |
| 202 |
Path traversal in https://www.npmjs.com/package/http_server via symlink |
$0.0 |
| 203 |
Prototype pollution attack (lodash / constructor.prototype) |
$0.0 |
| 204 |
Server Side JavaScript Code Injection |
$0.0 |
| 205 |
Fastify denial-of-service vulnerability with large JSON payloads |
$0.0 |
| 206 |
rgb2hex is vulnerable to ReDoS when parsing crafted invalid colors |
$0.0 |
| 207 |
[open] concatenation of unsanitized input into exec() command |
$0.0 |
| 208 |
Lack of input validation and sanitization in react-autolinker-wrapper library causes XSS |
$0.0 |
| 209 |
[fileview] Inadequate Output Encoding and Escaping |
$0.0 |
| 210 |
[webpack-bundle-analyzer] Cross-site Scripting |
$0.0 |
| 211 |
[seeftl] Stored XSS when directory listing via filename. |
$0.0 |
| 212 |
[atlasboard-atlassian-package] Cross-site Scripting (XSS) |
$0.0 |
| 213 |
[express-laravel-passport] Improper Authentication |
$0.0 |
| 214 |
Hostname spoofing |
$0.0 |
| 215 |
CRLF Injection in legacy url API (url.parse().hostname) |
$0.0 |
| 216 |
[meta-git] RCE via insecure command formatting |
$0.0 |
| 217 |
Stored XSS (Hexo-admin plugin) |
$0.0 |
| 218 |
[npm-git-publish] RCE via insecure command formatting |
$0.0 |
| 219 |
[node-red] Stored XSS within Flow's - "Name" field |
$0.0 |
| 220 |
Http request splitting |
$0.0 |
| 221 |
Use After Free in crypto.randomFill |
$0.0 |
| 222 |
url.parse() hostname spoofing via javascript: URIs |
$0.0 |
| 223 |
Http response is not ended although underlying socket is already destroyed |
$0.0 |
| 224 |
[klona] Prototype pollution |
$0.0 |
| 225 |
[url-parse] Improper Validation and Sanitization |
$0.0 |
| 226 |
Prototype pollution in dot-prop |
$0.0 |
| 227 |
Denial Of Service in Strapi Framework using argument injection |
$0.0 |
| 228 |
[file-browser] Inadequate Output Encoding and Escaping |
$0.0 |
| 229 |
[md-fileserver] Path Traversal |
$0.0 |
| 230 |
[deliver-or-else] Path Traversal |
$0.0 |
| 231 |
Command Injection vulnerability in kill-port-process package |
$0.0 |
| 232 |
[@azhou/basemodel] SQL injection |
$0.0 |
| 233 |
[listening-processes] Command Injection |
$0.0 |
| 234 |
[increments] sql injection |
$0.0 |
| 235 |
[script-manager] Unintended require |
$0.0 |
| 236 |
[jsreport] Remote Code Execution |
$0.0 |
| 237 |
Vulnerability in http-parser & embedded NULL header handling |
$0.0 |
| 238 |
HTTP/2 Denial of Service Vulnerability |
$0.0 |
| 239 |
Denial of Service: nghttp2 use of uninitialized pointer |
$0.0 |
| 240 |
Out of order TLS handshake / application data messages lead to segmentation fault |
$0.0 |
| 241 |
Pull Request #12949 - Security Implications without CVE assignment |
$0.0 |
| 242 |
Fix for CVE-2018-12122 can be bypassed via keep-alive requests |
$0.0 |
| 243 |
Filesystem Writes via yarn install via symlinks and tar transforms inside a crafted malicious package |
$0.0 |
| 244 |
[reveal.js] XSS by calling arbitrary method via postMessage |
$0.0 |
| 245 |
Several simple remote code execution in pdf-image |
$0.0 |
| 246 |
[yarn] yarn.lock integrity & hash check logic is broken |
$0.0 |
| 247 |
Prototype pollution in multipart parsing |
$0.0 |
| 248 |
Server Side Request Forgery in Uppy npm module |
$0.0 |
| 249 |
Server-Side Request Forgery (SSRF) in Ghost CMS |
$0.0 |
| 250 |
[blamer] RCE via insecure command formatting |
$0.0 |
| 251 |
[htmr] DOM-based XSS |
$0.0 |
| 252 |
[utils-extend] Prototype pollution |
$0.0 |
| 253 |
[git-promise] RCE via insecure command formatting |
$0.0 |
| 254 |
[Total.js] Path traversal vulnerability allows to read files outside public directory |
$0.0 |
| 255 |
Crash Node.js process from handlebars using a small and simple source |
$0.0 |
| 256 |
Prototype pollution attack (lodash) |
$0.0 |
| 257 |
[logkitty] RCE via insecure command formatting |
$0.0 |
| 258 |
Pixel flood attack cause the javascript heap out of memory |
$0.0 |
| 259 |
OS Command Injection on Jison [all-parser-ports] |
$0.0 |
| 260 |
[Limited bypass of #793704] Blind SSRF in Ghost CMS |
$0.0 |
| 261 |
[crypto-js] Insecure entropy source - Math.random() |
$0.0 |
| 262 |
loader.js is not secure |
$0.0 |
| 263 |
[devcert] Command Injection via insecure command formatting |
$0.0 |
| 264 |
[wappalyzer] ReDoS allows an attacker to completely break Wappalyzer |
$0.0 |
| 265 |
[sapper] Path Traversal |
$0.0 |
| 266 |
bunyan - RCE via insecure command formatting |
$0.0 |
| 267 |
[Uppy] Internal Server side request forgery (bypass of #786956) |
$0.0 |
| 268 |
Node.js HTTP/2 Large Settings Frame DoS |
$0.0 |
| 269 |
Child process environment injection via prototype pollution |
$0.0 |
| 270 |
Remotely trigger an assertion on a TLS server with a malformed certificate string |
$0.0 |
| 271 |
Node.js: TLS session reuse can lead to hostname verification bypass |
$0.0 |
| 272 |
HTTP request smuggling using malformed Transfer-Encoding header |
$0.0 |
| 273 |
HTTP header values do not have trailing OWS trimmed |
$0.0 |
| 274 |
[express-cart] Wide CSRF in application |
$0.0 |
| 275 |
[diskstats] Command Injection via insecure command concatenation |
$0.0 |
| 276 |
[xps] Command Injection via insecure command concatenation |
$0.0 |
| 277 |
SQL Injection or Denial of Service due to a Prototype Pollution |
$0.0 |
| 278 |
[is-my-json-valid] ReDoS via 'style' format |
$0.0 |
| 279 |
Arbitrary code execution via untrusted schemas in is-my-json-valid |
$0.0 |
| 280 |
[wappalyzer] ReDoS allows an attacker to completely break Wappalyzer |
$0.0 |
| 281 |
Arbitrary code execution via untrusted schemas in ajv |
$0.0 |
| 282 |
[vboxmanage.js] Command Injection via insecure command concatenation |
$0.0 |
| 283 |
[object-path-set] Prototype pollution |
$0.0 |
| 284 |
[extra-ffmpeg] Command Injection via insecure command formatting |
$0.0 |
| 285 |
[supermixer] Prototype pollution |
$0.0 |
| 286 |
Prototype Pollution lodash 4.17.15 |
$0.0 |
| 287 |
[extra-asciinema] Command Injection via insecure command formatting |
$0.0 |
| 288 |
[meemo-app] Denial of Service via LDAP Injection |
$0.0 |
| 289 |
[cloudron-surfer] Denial of Service via LDAP Injection |
$0.0 |
| 290 |
[windows-edge] RCE via insecure command formatting |
$0.0 |
| 291 |
Prototype pollution attack (lodash) |
$0.0 |
| 292 |
[json-bigint] DoS via __proto__ assignment |
$0.0 |
| 293 |
[min-http-server] List any file in the folder by using path traversal. |
$0.0 |
| 294 |
[bl] Uninitialized memory exposure via negative .consume() |
$0.0 |
| 295 |
[notevil] - Sandbox Escape Lead to RCE on Node.js and XSS in the Browser |
$0.0 |
| 296 |
[sirloin] Web Server Directory Traversal via Crafted GET Request |
$0.0 |
| 297 |
[hangersteak] Web Server Directory Traversal via Crafted GET Request |
$0.0 |
| 298 |
[static-server-gx] Path Traversal allowing to read any files on the server |
$0.0 |
| 299 |
[extend-merge] Prototype pollution |
$0.0 |
| 300 |
[keyd] Prototype pollution |
$0.0 |
| 301 |
[objtools] Prototype pollution |
$0.0 |
| 302 |
[flsaba] Stored XSS in the file and directory name when directories listing |
$0.0 |
| 303 |
[authmagic-timerange-stateless-core] Improper Authentication |
$0.0 |
| 304 |
[@knutkirkhorn/free-space] - Command Injection through Lack of Sanitization |
$0.0 |
| 305 |
property-expr - Prototype pollution |
$0.0 |
| 306 |
[git-lib] RCE via insecure command formatting |
$0.0 |
| 307 |
[hnzserver] Path Traversal allowing to read any files on the server |
$0.0 |
| 308 |
[http_server] Path Traversal allowing to read any files on the server |
$0.0 |
| 309 |
[gity] RCE via insecure command formatting |
$0.0 |
| 310 |
[commit-msg] RCE via insecure command formatting |
$0.0 |
| 311 |
[snekserve] Stored XSS via filenames HTML formatted |
$0.0 |
| 312 |
[m-server] XSS reflected because path does not escapeHtml |
$0.0 |
| 313 |
[tianma-static] Security issue with XSS. |
$0.0 |
| 314 |
[freespace] Command Injection due to Lack of Sanitization |
$0.0 |
| 315 |
[json8-merge-patch] Prototype Pollution |
$0.0 |
| 316 |
[create-git] RCE via insecure command formatting |
$0.0 |
| 317 |
[http-live-simulator] Application-level DoS |
$0.0 |
| 318 |
[nested-property] Prototype Pollution |
$0.0 |
| 319 |
[gfc] Command Injection via insecure command formatting |
$0.0 |
| 320 |
[ts-dot-prop] Prototype Pollution |
$0.0 |
| 321 |
[expressjs-ip-control] Whitelist IP bypass leads to authorization bypass and sensitive info disclosure |
$0.0 |
| 322 |
[zenn-cli] Path traversal on Windows allows the attacker to read arbitrary .md files |
$0.0 |
| 323 |
[node-downloader-helper] Path traversal via Content-Disposition header |
$0.0 |
| 324 |
[systeminformation] Command Injection via insecure command formatting |
$0.0 |
| 325 |
[@firebase/util] Prototype pollution |
$0.0 |
| 326 |
[last-commit-log] Command Injection |
$0.0 |
| 327 |
[chart.js] Prototype pollution |
$0.0 |
| 328 |
Default behavior of Fastifys versioned routes can be used for cache poisoning when Fastify is used in combination with a http cache / CDN |
$0.0 |
| 329 |
[dy-server2] - stored Cross-Site Scripting |
$0.0 |
| 330 |
[arpping] Remote Code Execution |
$0.0 |
| 331 |
[imagickal] Remote Code Execution |
$0.0 |
| 332 |
[curling] Remote Code Execution |
$0.0 |
| 333 |
[socket.io] Cross-Site Websocket Hijacking |
$0.0 |
| 334 |
Node.js: use-after-free in TLSWrap |
$0.0 |
| 335 |
[plain-object-merge] Prototype pollution |
$0.0 |
| 336 |
HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion |
$0.0 |
| 337 |
HTTP Request Smuggling due to CR-to-Hyphen conversion |
$0.0 |
| 338 |
fs.realpath.native on darwin may cause buffer overflow |
$0.0 |
| 339 |
[wireguard-wrapper] Command Injection via insecure command concatenation |
$0.0 |
| 340 |
[i18next] Prototype pollution attack |
$0.0 |
| 341 |
Unexpected input validation of octal literals in nodejs v15.12.0 and below returns defined values for all undefined octal literals. |
$0.0 |
| 342 |
Bypass of SSRF Vulnerability |
$0.0 |
| 343 |
Prototype Pollution Vulnerability in noble Package |
$0.0 |
| 344 |
Server-side Template Injection in lodash.js |
$0.0 |
| 345 |
Node Installer Local Privilege Escalation |
$0.0 |
| 346 |
OOB read in libuv |
$0.0 |
| 347 |
Improper handling of untypical characters in domain names |
$0.0 |
| 348 |
Prototype pollution via console.table properties |
$0.0 |
| 349 |
Node.js Certificate Verification Bypass via String Injection |
$0.0 |
| 350 |
HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding |
$0.0 |
| 351 |
HTTP Request Smuggling Due To Improper Delimiting of Header Fields |
$0.0 |
| 352 |
HTTP Request Smuggling Due to Flawed Parsing of Transfer-Encoding |
$0.0 |
| 353 |
Undici does not use CONNECT or otherwise validate upstream HTTPS certificates when using a proxy |
$0.0 |
| 354 |
Off-by-slash vulnerability in nodejs.org and iojs.org |
$0.0 |
| 355 |
DNS rebinding in --inspect (insufficient fix of CVE-2022-32212 affecting macOS devices) |
$0.0 |
| 356 |
HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding (improper fix for CVE-2022-32215) |
$0.0 |
| 357 |
Node 18 reads openssl.cnf from /home/iojs/build/... upon startup on MacOS |
$0.0 |
| 358 |
CVE-2022-32213 bypass via obs-fold mechanic |
$0.0 |
| 359 |
HTTP Request Smuggling Due to Incorrect Parsing of Header Fields |
$0.0 |
| 360 |
Weak randomness in WebCrypto keygen |
$0.0 |
| 361 |
DNS rebinding in --inspect via invalid octal IP address |
$0.0 |
| 362 |
Take over subdomain undici.nodejs.org.cdn.cloudflare.net |
$0.0 |
| 363 |
Multiple OpenSSL error handling issues in nodejs crypto library |
$0.0 |
| 364 |
CRLF Injection in Nodejs ‘undici’ via host |
$0.0 |
| 365 |
Insecure loading of ICU data through ICU_DATA environment variable |
$0.0 |
| 366 |
Regular Expression Denial of Service in Headers |
$0.0 |
| 367 |
Permissions policies can be bypassed via process.mainModule |
$0.0 |
| 368 |
HTTP Request Smuggling via Empty headers separated by CR |
$0.0 |
| 369 |
OpenSSL engines can be used to bypass and/or disable the permission model |
$0.0 |
| 370 |
The use of proto in process.mainModule.proto.require() bypasses the permission system in Node v19.6.1 |
$0.0 |
| 371 |
fs module's file watching is not restricted by --allow-fs-read |
$0.0 |
| 372 |
fs.openAsBlob() bypasses permission system |
$0.0 |
| 373 |
Filesystem experimental permissions policy does not handle path traversal cases. |
$0.0 |
| 374 |
Process-based permissions can be bypassed with the "inspector" module. |
$0.0 |
| 375 |
node.js process aborts when processing x509 certs with invalid public key information |
$0.0 |
| 376 |
DiffieHellman doesn't generate keys after setting a key |
$0.0 |
| 377 |
Node 18 reads openssl.cnf from /home/iojs/build/... upon startup. |
$0.0 |
| 378 |
DNS rebinding in --inspect (again) via invalid IP addresses |
$0.0 |
| 379 |
Policy-restricted modules can escalate to higher privileges by impersonating other modules in a policy list using module.constructor.createRequire() |
$0.0 |
| 380 |
Permission model bypass by specifying a path traversal sequence in a buffer, |
$0.0 |
| 381 |
fs.mkdtemp() and fs.mkdtempSync() are missing getValidatedPath() checks. |
$0.0 |
| 382 |
Renaming/aliasing relative symbolic links potentially redirects them to supposedly inaccessible locations |
$0.0 |
| 383 |
Permissions policies can be bypassed via Module._load. |
$0.0 |
| 384 |
Dependency Policy Bypass via process.binding |
$0.0 |
| 385 |
fs.statfs bypasses Permission Model |
$0.0 |
| 386 |
process.binding() can bypass the permission model through path traversal |
$0.0 |
| 387 |
Integrity checks according to policies can be circumvented |
$0.0 |
| 388 |
Permission model improperly protects against path traversal |
$0.0 |
| 389 |
Path traversal through path stored in Uint8Array |
$0.0 |
| 390 |
Multiple permission model bypasses due to improper path traversal sequence sanitization |
$0.0 |
| 391 |
http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks |
$0.0 |
| 392 |
Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) |
$0.0 |
| 393 |
Code injection and privilege escalation through Linux capabilities |
$0.0 |
| 394 |
Improper handling of wildcards in --allow-fs-read and --allow-fs-write |
$0.0 |
| 395 |
Path traversal by monkey-patching Buffer internals |
$0.0 |
| 396 |
Proxy-Authorization header is not cleared in cross-domain redirect in undici |
$0.0 |
| 397 |
setuid() does not drop all privileges due to io_uring |
$0.0 |
| 398 |
Denial of Service by resource exhaustion in fetch() brotli decoding |
$0.0 |
| 399 |
"Assertion failed" in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash |
$0.0 |
| 400 |
HTTP Request Smuggling via Content Length Obfuscation |
$0.0 |
| 401 |
Proxy-Authorization header not cleared on cross-origin redirect in undici.request |
$0.0 |
| 402 |
fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect |
$0.0 |
| 403 |
Bypass network import restriction via data URL |
$0.0 |
| 404 |
fs.fchown/fchmod bypasses permission model |
$0.0 |
| 405 |
Bypass incomplete fix of CVE-2024-27980 |
$0.0 |
| 406 |
fs.lstat bypasses permission model |
$0.0 |
| 407 |
Permission model improperly processes UNC paths |
$0.0 |
| 408 |
Permissions can be bypassed via arbitrary code execution through abusing libuv signal pipes |
$0.0 |