CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Github Security Blog•added 2021/03/19 9:19 p.m.•54 views

Command injection in kill-process-on-port

All versions of package kill-process-on-port are vulnerable to Command Injection via a.getProcessPortId...

7.5CVSS7.4AI score0.0691EPSS

Exploits1References3Affected Software1

OSV•added 2021/03/19 9:19 p.m.•11 views

GHSA-5WQJ-F379-6JH4 Command injection in kill-process-on-port

All versions of package kill-process-on-port are vulnerable to Command Injection via a.getProcessPortId...

7.3CVSS7.4AI score0.0691EPSS

Exploits1References2

Veracode•added 2021/02/02 2:48 a.m.•13 views

Command Injection

kill-process-on-port is vulnerable to command injection. The vulnerability exists because input to getProcessPortId is not sanitized...

7.3CVSS2.4AI score0.0691EPSS

Exploits1References1Affected Software1

CVE•added 2021/02/01 3:30 p.m.•42 views

CVE-2020-28426

Summary: CVE-2020-28426 affects the npm package kill-process-on-port. All versions are vulnerable to Command Injection through the a.getProcessPortId function. Concrete details across sources include exploit scenario via getProcessPortId and the fact that input can be unsafely processed, enabling...

7.5CVSS7.4AI score0.0691EPSS

Exploits1References1Affected Software1

Snyk•added 2020/12/11 2:48 p.m.•2 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via a.getProcessPortId. PoC var a = require"kill-process-occupying-port"; a.getProcessPortId"& touch JHU "; Remediation There is no fixed version for kill-process-on-port. Credit: JHU System Security Lab...

7.5CVSS7.1AI score0.0691EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by