CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2020/09/11 9:19 p.m.•5 views

GHSA-28F8-HQMC-7PH8 Malicious Package in ember-power-timepicker

Version 1.0.8 of ember-power-timepicker contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and...

Github Security Blog•added 2020/09/11 9:19 p.m.•33 views

Malicious Package in ember-power-timepicker

OSV•added 2020/09/03 9:2 p.m.•6 views

GHSA-CHH2-RVHG-WQWR Malicious Package in json-serializer

Version 2.0.10 of json-serializer contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate...

Github Security Blog•added 2020/09/03 7:18 p.m.•19 views

Malicious Package in device-mqtt

Version 1.0.11 of device-mqtt contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's also...

Github Security Blog•added 2020/09/03 7:11 p.m.•34 views

Malicious Package in jquery-airload

Version 0.2.5 of jquery-airload contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's also...

OSV•added 2020/09/03 7:11 p.m.•11 views

GHSA-78P3-96HC-3J47 Malicious Package in jquery-airload

OSV•added 2020/09/03 12:34 a.m.•15 views

GHSA-GJC9-932X-C59P Malicious Package in leaflet-gpx

Version 1.0.1 of leaflet-gpx contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate yo...

OSV•added 2020/09/03 12:32 a.m.•11 views

GHSA-84QJ-9QF2-Q92R Malicious Package in pm-controls

Version 1.1.8 of pm-controls contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate yo...

OSV•added 2020/09/01 8:34 p.m.•7 views

GHSA-3WJM-33MW-H388 Malicious Package in s3asy

Version 0.4.8 of s3asy contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 0.4.8 of this module is found installed you will want ...

7.1AI score

Github Security Blog•added 2020/09/01 8:33 p.m.•25 views

Malicious Package in react-server-native

Version 0.0.7 of react-server-native contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 0.0.7 of this module is found installed...

Github Security Blog•added 2020/09/01 8:31 p.m.•31 views

Malicious Package in rc-calendar-jhorst

Version 8.4.3 of rc-calendar-jhorst contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 8.4.3 of this module is found installed y...

Github Security Blog•added 2020/09/01 8:26 p.m.•30 views

Malicious Package in jasmin

Version 0.0.3 of jasmin contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 0.0.3 of this module is found installed you will want...

Github Security Blog•added 2020/09/01 7:50 p.m.•20 views

Malicious Package in coffee-project

Version 1.7.5 of coffee-project contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 1.7.5 of this module is found installed you...

Github Security Blog•added 2020/09/01 7:47 p.m.•23 views

Malicious Package in awesome_react_utility

Version 1.0.2 of awesomereactutility contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 1.0.2 of this module is found installed...

2.9AI score

Exploits0References3Affected Software1

Node.js•added 2019/08/07 4:58 p.m.•7 views

Malicious Package

Overview Version 1.1.3 of pensi-scheduler contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's...

Node.js•added 2019/08/06 7:14 p.m.•8 views

Malicious Package

Overview Version 0.0.26 of ngx-context-menu contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It...

Node.js•added 2019/08/06 7:8 p.m.•16 views

Malicious Package

Overview Version 1.0.6 of @fangrong/xoc contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's...

Node.js•added 2019/08/06 6:54 p.m.•12 views

Malicious Package

Overview Version 1.0.4 of iie-viz contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's also...

Node.js•added 2019/06/07 7:26 p.m.•13 views

Malicious Package

Overview Version 1.0.2 of radic-util contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and...