CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

EUVD•added 2025/11/11 7:44 a.m.•0 views

EUVD-2025-77398

Malicious code in broccoli-notthedevs npm...

6.6AI score

Exploits0

OSSF Malicious Packages•added 2025/11/11 7:44 a.m.•0 views

Malicious code in broccoli-notthedevs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e54c82c60758d101880d2e742e238fc1147d2cfe8dd5474220a26d91e4462213 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-0349

Malware in sbrugna...

9.3CVSS8.1AI score0.00735EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-1412

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.06257EPSS

Exploits1References3

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•0 views

Malicious code in @supernpm2024/legendary-broccoli (npm)

The package @supernpm2024/legendary-broccoli was found to contain malicious code...

7AI score

Exploits0

OSV•added 2025/08/14 6:52 p.m.•0 views

MAL-2025-9369 Malicious code in @supernpm2024/legendary-broccoli (npm)

The package @supernpm2024/legendary-broccoli was found to contain malicious code...

7.2AI score

Exploits0

OSV•added 2025/07/31 7:14 p.m.•3 views

MAL-2025-6468 Malicious code in broccoli-server (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score

Exploits0

RedhatCVE•added 2025/05/23 3:33 a.m.•3 views

CVE-2023-27848

broccoli-compass v0.2.4 was discovered to contain a remote code execution RCE vulnerability via the childprocess function...

9.8CVSS8.2AI score0.06257EPSS

Exploits1References1

Veracode•added 2023/04/27 11:2 a.m.•22 views

Remote Code Execution (RCE)

broccoli-compass is vulnerable to Remote Code Execution RCE. Lack of proper checking of attacker-controlled filenames which is included in the list of files passed to the library via its files option, allows an attacker to execute malicious code on the system...

9.8CVSS9.5AI score0.06257EPSS

Exploits1References4Affected Software1

vulnersOsv•added 2023/04/24 6:30 p.m.•0 views

ember-cli-broccoli-compass (>=0.0.1 <=0.0.5), ember-cli-compass (>=0.0.4 <=0.0.5) +1 more potentially affected by CVE-2023-27848 via broccoli-compass (>=0.0.7 <=0.1.1)

broccoli-compass NPM version =0.0.7, =0.0.1, =0.0.4, =0.0.1, =0.0.13 Source cves: CVE-2023-27848 Source advisory: OSV:GHSA-WQ8F-XMQ3-5VQ9...

9.8CVSS7.2AI score0.06257EPSS

Exploits1

Github Security Blog•added 2023/04/24 6:30 p.m.•15 views

Remote code execution in broccoli-compass

broccoli-compass v0.2.4 was discovered to contain a remote code execution RCE vulnerability via the childprocess function...

9.8CVSS7.6AI score0.06257EPSS

Exploits1References4Affected Software1

NVD•added 2023/04/24 6:15 p.m.•8 views

CVE-2023-27848

broccoli-compass v0.2.4 was discovered to contain a remote code execution RCE vulnerability via the childprocess function...

9.8CVSS9.9AI score0.06257EPSS

Exploits1References2

OSV•added 2023/04/24 6:15 p.m.•10 views

CVE-2023-27848

broccoli-compass v0.2.4 was discovered to contain a remote code execution RCE vulnerability via the childprocess function...

9.8CVSS10AI score

Exploits0References2

Cvelist•added 2023/04/24 12:0 a.m.•15 views

CVE-2023-27848

broccoli-compass v0.2.4 was discovered to contain a remote code execution RCE vulnerability via the childprocess function...

10AI score0.06257EPSS

Exploits1References2

CNNVD•added 2023/04/24 12:0 a.m.•2 views

npm broccoli-compass 命令注入漏洞

npm broccoli-compass is a library from the American company npm. A security vulnerability exists in npm broccoli-compass version v0.2.4, which stems from the discovery of a remote code execution RCE vulnerability via the childproces function...

9.8CVSS9.1AI score0.06257EPSS

Exploits1References3

CVE•added 2023/04/24 12:0 a.m.•41 views

CVE-2023-27848

CVE-2023-27848 affects broccoli-compass v0.2.4. A remote code execution (RCE) vulnerability exists via the child_process function, allowing execution of attacker-controlled code. Impact is high (C/H/I/H/A/H) per the CVSS3.1 data; exploitation is network-borne with no user interaction and no privi...

9.8CVSS9.9AI score0.06257EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2023/04/24 12:0 a.m.•3 views

CVE-2023-27848

broccoli-compass v0.2.4 was discovered to contain a remote code execution RCE vulnerability via the childprocess function...

9.9AI score0.06257EPSS

Exploits1References2

Positive Technologies•added 2023/04/24 12:0 a.m.•2 views

PT-2023-21373 · Unknown · Broccoli-Compass

Name of the Vulnerable Software and Affected Versions: broccoli-compass version 0.2.4 Description: The issue is related to a remote code execution RCE vulnerability. It is exploited via the child process function. Recommendations: For broccoli-compass version 0.2.4, consider restricting the use o...

9.8CVSS9.6AI score0.06257EPSS

Exploits1References6

vulnersOsv•added 2021/12/09 7:27 p.m.•0 views

@love-open-source/ember-slider (>=0.0.2 <=1.1.10), broccoli-compass-compiler (>=0.0.1 <=0.0.6) +1 more potentially affected by CVE-2020-7635 via compass-compile (=0.0.1)

compass-compile NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on compass-compile and may be impacted: - @love-open-source/ember-slider =0.0.2, =0.0.1, =0.1.0, =0.5.0 Source cves: CVE-2020-7635 Source advisory: OSV:GHSA-7Q9F-X6RM-QMXR...

9.8CVSS7.2AI score0.01227EPSS

Exploits1

vulnersOsv•added 2020/04/05 12:0 a.m.•2 views

@love-open-source/ember-slider (>=0.0.2 <=1.1.10), broccoli-compass-compiler (>=0.0.1 <=0.0.6) +1 more potentially affected by CVE-2020-7635 via compass-compile (=0.0.1)

9.8CVSS7.2AI score0.01227EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by