CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2022-6489

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.0109EPSS

Exploits1References2

Veracode•added 2022/08/03 5:38 a.m.•19 views

Command Injection

monorepo-build is vulnerable to command injection. The vulnerability exists in the publish function in index.js which allows an attacker to inject and execute arbitrary commands...

9.8CVSS9.5AI score0.0109EPSS

Exploits1References1Affected Software1

Github Security Blog•added 2022/08/03 12:0 a.m.•21 views

monorepo-build Command Injection vulnerability

A command injection vulnerability affects all versions of package monorepo-build...

9.8CVSS9.5AI score0.0109EPSS

Exploits1References3Affected Software1

OSV•added 2022/08/03 12:0 a.m.•0 views

GHSA-5VRC-7JFR-4642 monorepo-build Command Injection vulnerability

A command injection vulnerability affects all versions of package monorepo-build...

9.8CVSS5.8AI score0.0109EPSS

Exploits1References2

vulnersOsv•added 2022/08/03 12:0 a.m.•3 views

monorepo-publish (>=0.1.0 <=0.1.9) potentially affected by CVE-2020-28423 via monorepo-build (>=0.1.0 <=0.1.9)

monorepo-build NPM version =0.1.0, =0.1.0, =0.1.9 Source cves: CVE-2020-28423 Source advisory: OSV:GHSA-5VRC-7JFR-4642...

9.8CVSS7.2AI score0.0109EPSS

Exploits1

NVD•added 2022/08/02 2:15 p.m.•15 views

CVE-2020-28423

This affects all versions of package monorepo-build...

9.8CVSS0.0109EPSS

Exploits1References1

Prion•added 2022/08/02 2:15 p.m.•14 views

Information disclosure

This affects all versions of package monorepo-build...

7.5CVSS9.5AI score0.0109EPSS

Exploits1References1

CVE•added 2022/08/02 1:28 p.m.•57 views

CVE-2020-28423

CVE-2020-28423 affects all versions of the npm package monorepo-build. The connected sources describe a command-injection vulnerability in the package (notably in the publish function) with PoC examples showing how arguments can inject and execute arbitrary commands. Exploitation details are prov...

9.8CVSS9.6AI score0.0109EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/08/02 1:28 p.m.•18 views

CVE-2020-28423 Command Injection

This affects all versions of package monorepo-build...

9.8CVSS9.6AI score0.0109EPSS

Exploits1References1

CNNVD•added 2022/08/02 12:0 a.m.•3 views

monorepo 命令注入漏洞

monorepo is a movie homepage source repository from cinematic open source. A command injection vulnerability exists in all versions of monorepo-build, which stems from the presence of command injection...

9.8CVSS8.3AI score0.0109EPSS

Exploits1References2

Positive Technologies•added 2022/08/02 12:0 a.m.•6 views

PT-2022-8886 · Unknown · Monorepo-Build

Name of the Vulnerable Software and Affected Versions: monorepo-build affected versions not specified Description: A command injection issue affects the package. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents whe...

9.8CVSS9.7AI score0.0109EPSS

Exploits1References4

vulnersOsv•added 2020/12/11 2:24 p.m.•6 views

monorepo-publish (>=0.1.0 <=0.1.9) potentially affected by CVE-2020-28423 via monorepo-build (>=0.1.0 <=0.1.9)

monorepo-build NPM version =0.1.0, =0.1.0, =0.1.9 Source cves: CVE-2020-28423 Source advisory: SNYK:JS-MONOREPOBUILD-1050392...

9.8CVSS7.2AI score0.0109EPSS

Exploits1

Snyk•added 2020/12/11 2:24 p.m.•4 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection. PoC var a =require"monorepo-build"; a.build"./","& touch 1111"," & touch shaaaa" Remediation There is no fixed version for monorepo-build. Credit: JHU System Security Lab...

9.8CVSS6.9AI score0.0109EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by