Export limit exceeded: 24624 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24624 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-16060 | 1 Babelcli Project | 1 Babelcli | 2024-11-21 | N/A |
| babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16059 | 1 Mssql-node Project | 1 Mssql-node | 2024-11-21 | N/A |
| mssql-node was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16058 | 1 Gruntcli Project | 1 Gruntcli | 2024-11-21 | N/A |
| gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16057 | 1 Nodemssql Project | 1 Nodemssql | 2024-11-21 | N/A |
| nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16056 | 1 Mssql.js Project | 1 Mssql.js | 2024-11-21 | N/A |
| mssql.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16055 | 1 Sqlserver Project | 1 Sqlserver | 2024-11-21 | N/A |
| `sqlserver` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16054 | 1 Nodefabric Project | 1 Nodefabric | 2024-11-21 | N/A |
| `nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16053 | 1 Fabric-js Project | 1 Fabric-js | 2024-11-21 | N/A |
| `fabric-js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16052 | 1 Node-fabric Project | 1 Node-fabric | 2024-11-21 | N/A |
| `node-fabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16051 | 1 Sqliter Project | 1 Sqliter | 2024-11-21 | N/A |
| `sqliter` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16050 | 1 Sqlite.js Project | 1 Sqlite.js | 2024-11-21 | N/A |
| `sqlite.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16049 | 1 Nodesqlite Project | 1 Nodesqlite | 2024-11-21 | N/A |
| `nodesqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16048 | 1 Node-sqlite Project | 1 Node-sqlite | 2024-11-21 | N/A |
| `node-sqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16047 | 1 Mysqljs Project | 1 Mysqljs | 2024-11-21 | N/A |
| mysqljs was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16045 | 1 Jquery.js Project | 1 Jquery.js | 2024-11-21 | N/A |
| `jquery.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16044 | 1 D3.js Project | 1 D3.js | 2024-11-21 | N/A |
| `d3.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16042 | 1 Growl Project | 1 Growl | 2024-11-21 | N/A |
| Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution. | ||||
| CVE-2017-16026 | 1 Request Project | 1 Request | 2024-11-21 | N/A |
| Request is an http client. If a request is made using ```multipart```, and the body type is a ```number```, then the specified number of non-zero memory is passed in the body. This affects Request >=2.2.6 <2.47.0 || >2.51.0 <=2.67.0. | ||||
| CVE-2017-16024 | 2 Nodejs, Sync-exec Project | 2 Node.js, Sync-exec | 2024-11-21 | N/A |
| The sync-exec module is used to simulate child_process.execSync in node versions <0.11.9. Sync-exec uses tmp directories as a buffer before returning values. Other users on the server have read access to the tmp directory, possibly allowing an attacker on the server to obtain confidential information from the buffer/tmp file, while it exists. | ||||
| CVE-2017-16023 | 1 Decamelize Project | 1 Decamelize | 2024-11-21 | N/A |
| Decamelize is used to convert a dash/dot/underscore/space separated string to camelCase. Decamelize 1.1.0 through 1.1.1 uses regular expressions to evaluate a string and takes unescaped separator values, which can be used to create a denial of service attack. | ||||