7801 matches found
Malicious Typo-Squatting
openssl.js is a malicious typo-squatting package. The package uses a similar name to the original library so that developers may mistake it for the real one but have malicious actions under the hood such as stealing environment variables...
Malicious Typo-Squatting
node-openssl is a malicious typo-squatting package. The package uses a similar name to the original library so that developers may mistake it for the real one but have malicious actions under the hood such as stealing environment variables...
Malicious Typo-Squatting
node-opensl is a malicious typo-squatting package. The package uses a similar name to the original library so that developers may mistake it for the real one but have malicious actions under the hood such as stealing environment variables...
Malicious Typo-Squatting
babelcli is a malicious typo-squatting package. The package uses a similar name to the original library so that developers may mistake it for the real one but have malicious actions under the hood such as stealing environment variables...
Malicious Typo-Squatting
mssql-node is a malicious typo-squatting package. The package uses a similar name to the original library so that developers may mistake it for the real one but have malicious actions under the hood such as stealing environment variables...
Malicious Typo-Squatting
gruntcli is a malicious typo-squatting package. The package uses a similar name to the original library so that developers may mistake it for the real one but have malicious actions under the hood such as stealing environment variables...
Malicious Typo-Squatting
mssql.js is a malicious typo-squatting package. The package uses a similar name to the original library so that developers may mistake it for the real one but have malicious actions under the hood such as stealing environment variables...
Malicious Module
nodemssql is a malicious typo-squatting package. The package uses a similar name to the original library so that developers may mistake it for the real one but have malicious actions under the hood such as stealing environment variables...
CVE-2017-16080
nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16077
mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16078
shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16074
crossenv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16075
http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16076
proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16081
cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16079
smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Design/Logic Flaw
noderequest was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16067
node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Code injection
gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Denial of service
opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...