1323 matches found
Prototype Pollution
Overview All versions of merge-objects are vulnerable to Prototype Pollution. Recommendation No fix is available for this vulnerability at this time. It is our recommendation to use an alternative package. References - HackerOne Report - GitHub Advisory...
Prototype Pollution
Overview All versions of merge-recursive are vulnerable to Prototype Pollution. When malicious user input is merged with another object it allows the attacker to modify the prototype of Object via proto causing the addition or modification of an existing property. Proof of concept: var merge =...
CVE-2016-10540
creationtimestamp| type| source ---|---|--- 2018-10-09 00:40:41+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-hxm2-r34f-qmc5...
CVE-2017-0930
creationtimestamp| type| source ---|---|--- 2018-09-18 13:50:25+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-4wch-fwmx-cf47...
CVE-2018-16460
creationtimestamp| type| source ---|---|--- 2018-09-17 20:43:59+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-cfhg-9x44-78h2...
NoSQL Injection
Overview Versions of loopback-connector-mongodb before 3.6.0 are vulnerable to NoSQL injection. MongoDB Connector for LoopBack fails to properly sanitize a filter passed to query the database by allowing the dangerous $where property to be passed to the MongoDB Driver. The Driver allows the speci...
Command Injection
Overview Versions of egg-scripts before 2.8.1 are vulnerable to command injection. This is only exploitable if a malicious argument is provided on the command line. Example: eggctl start --daemon --stderr='/tmp/eggctlstderr.log; touch /tmp/malicious' Recommendation Update to version 2.8.1 or late...
CVE-2018-3784
creationtimestamp| type| source ---|---|--- 2018-08-21 17:02:43+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-38f5-ghc2-fcmv...
Code Injection
Overview All versions of cryo are vulnerable to code injection due to an Insecure implementation of deserialization. Proof of concept var Cryo = require'cryo'; var frozen = '"root":"CRYOREF3","references":"contents":,"value":"CRYOFUNCTIONfunction console.log\"defconrussia\"; return...
Privilege Escalation due to Blind NoSQL Injection
Overview Versions of flintcms before version 1.1.10 are vulnerable to account takeover due to blind MongoDB injection in the password reset. Recommendation Update to version 1.1.10 or later. References - HackerOne Report - GitHub Advisory...
Malicious Package
Overview All versions of soket.io are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation...
Malicious Package
Overview All versions of regenrator are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendatio...
Malicious Package
Overview All versions of regenraotr are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendatio...
CVE-2017-16226
creationtimestamp| type| source ---|---|--- 2018-08-06 21:37:06+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-5mjw-6jrh-hvfq...
Arbitrary File Write via Archive Extraction
Overview Versions of adm-zip before 0.4.9 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames ../../file.txt for example. Recommendation Update to version 0.4.9 or later. References - GitHub Pull Request - Zip Slip...
Arbitrary File Write via Archive Extraction
Overview Versions of unzipper before 0.8.13 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames ../../file.txt for example. Recommendation Update to version 0.3.18 or later. References - GitHub Pull Request - Zip Slip...
Path Traversal
Overview Versions of express-cart before 1.1.7 are vulnerable to Path Traversal. Recommendation Update to version 1.1.7 or later. References - HackerOne Report - GitHub Advisory...
CVE-2017-16030
creationtimestamp| type| source ---|---|--- 2018-07-24 19:59:13+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-pjmx-9xr3-82qr...
CVE-2017-16010
creationtimestamp| type| source ---|---|--- 2018-07-24 19:58:33+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-cmh5-qc8w-xvcq...
CVE-2017-16082
creationtimestamp| type| source ---|---|--- 2018-07-24 19:44:42+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-wc9v-mj63-m9g5...