CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/05/22 7:4 a.m.•5 views

CVE-2017-1000219

npm/KyleRoss windows-cpu all versions vulnerable to command injection resulting in code execution as Node.js user...

9.8CVSS7.8AI score0.04236EPSS

Exploits1References1

vulnersOsv•added 2020/09/01 4:43 p.m.•1 views

sysmonitor-client (>=0.0.1 <=1.0.0), sytemmonitor-client (=0.0.1) potentially affected by CVE-2017-1000219 via windows-cpu (=0.1.4)

windows-cpu NPM version =0.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on windows-cpu and may be impacted: - sysmonitor-client =0.0.1, =1.0.0 - sytemmonitor-client =0.0.1 Source cves: CVE-2017-1000219 Source advisory: OSV:GHSA-63M4-FHF2-CMF7...

9.8CVSS7.2AI score0.04236EPSS

Exploits1

Circl•added 2020/09/01 4:43 p.m.•4 views

CVE-2017-1000219

creationtimestamp| type| source ---|---|--- 2020-09-01 16:43:55+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-63m4-fhf2-cmf7...

9.8CVSS7.3AI score0.04236EPSS

Exploits1References1

CVE•added 2017/11/17 12:0 a.m.•63 views

CVE-2017-1000219

CVE-2017-1000219 (npm/kyleRoss windows-cpu) : All versions vulnerable to command injection causing remote code execution as the Node.js user. The technical basis is that the package’s findLoad method passes user input directly to the shell without validation, enabling arbitrary commands. Document...

9.8CVSS9.8AI score0.04236EPSS

Exploits1References1Affected Software1