Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27 matches found

OSV
OSVadded 2022/06/20 8:9 p.m.6 views

MAL-2022-4184 Malicious code in klook-node-framework-device (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 11e106e5fa5a93e4285478edcd432b0f8e0eff17f783c3c528314d34ad494394 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSVadded 2022/06/20 8:9 p.m.5 views

MAL-2022-4185 Malicious code in klook-node-framework-experiment (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0620cf6726fbf4eed556cd2acf308841477671f166e470d3f28d0a8c437fdcaa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2022/06/20 8:9 p.m.2 views

Malicious code in klook-node-framework-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4267822732a6d0f193fd615a76cc4ef9c1bf9aeea6a25a63e3a0b68690360e9f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2022/06/20 8:9 p.m.1 views

Malicious code in klook-node-framework-site (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware db3790c54915e431cf9b3177bb3d1ecf05ede64d886816930b922bb93a0c0a95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
CNNVD
CNNVDadded 2021/12/10 12:0 a.m.3 views

comb 代码问题漏洞

comb is a node framework that provides a one-stop shop for frequently needed utilities. A code issue exists in Comb where the product is susceptible to prototype contamination from the mergeDeep function. The following products and versions are affected:...

9.8CVSS8.4AI score0.00477EPSS
Exploits1References1
vulnersOsv
vulnersOsvadded 2019/02/18 11:54 p.m.2 views

collectortoqueue (>=1.2.10 <=1.2.26), gladys (>=2.1.5 <=2.1.9) +13 more potentially affected by CVE-2016-10551 via waterline-sequel (>=0.0.21 <=0.4.0)

waterline-sequel NPM version =0.0.21, =1.2.10, =2.1.5, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.10.1, =0.0.1, =0.10.1, =0.7.3, =1.0.0-alpha.0, =0.1.0, =0.4.8 Source cves: CVE-2016-10551 Source advisory: OSV:GHSA-CGPP-WM2H-6HQX...

9.8CVSS7.3AI score0.00453EPSS
Exploits1
Prion
Prionadded 2018/06/04 7:29 p.m.12 views

Design/Logic Flaw

Summit is a node web framework. When using the PouchDB driver in the module, Summit 0.1.0 and later allows an attacker to execute arbitrary commands via the collection name...

7.5CVSS9.7AI score0.00788EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder