CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-0600

Malware in sbrugna...

9.8CVSS9.4AI score0.00613EPSS

Exploits1References6

OSV•added 2021/03/19 9:21 p.m.•0 views

GHSA-4RV9-5VC4-88CG Command injection in node-ps

This affects all versions of package node-ps. The injection point is located in line 72 in lib/index.js...

9.8CVSS5.8AI score0.00613EPSS

Exploits1References4

vulnersOsv•added 2021/03/19 9:21 p.m.•0 views

@servable/server (>=1.0.0 <=1.11.2), dockertools (=1.8.2) +5 more potentially affected by CVE-2020-7785 via node-ps (=0.0.2)

node-ps NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on node-ps and may be impacted: - @servable/server =1.0.0, =1.0.0, =1.5.1, =0.2.1, =0.0.3, =0.0.4 - servable-publishable =1.1.0 Source cves: CVE-2020-7785 Source advisory:...

9.8CVSS7.2AI score0.00613EPSS

Exploits1

Github Security Blog•added 2021/03/19 9:21 p.m.•51 views

Command injection in node-ps

This affects all versions of package node-ps. The injection point is located in line 72 in lib/index.js...

9.8CVSS9.2AI score0.00613EPSS

Exploits1References5Affected Software1

Veracode•added 2021/02/09 7:13 a.m.•17 views

OS Command Injection

node-ps is vulnerable to OS command injection. The vulnerability exists as untrusted input is passed to childProcess.exec is not validated and sanitized...

9.8CVSS3.1AI score0.00613EPSS

Exploits1References3Affected Software1

NVD•added 2021/02/08 7:15 p.m.•8 views

CVE-2020-7785

This affects all versions of package node-ps. The injection point is located in line 72 in lib/index.js...

9.8CVSS0.00613EPSS

Exploits1References3

Prion•added 2021/02/08 7:15 p.m.•10 views

Code injection

This affects all versions of package node-ps. The injection point is located in line 72 in lib/index.js...

7.5CVSS9.6AI score0.00613EPSS

Exploits1References3

CVE•added 2021/02/08 6:25 p.m.•36 views

CVE-2020-7785

CVE-2020-7785 affects all versions of the package node-ps . The root cause is a command injection vulnerability at the injection point in line 72 of lib/index.js, where untrusted input can reach childProcess.exec. A PoC demonstrates supplying shell metacharacters via psargs (e.g., {psargs:["& tou...

9.8CVSS9.7AI score0.00613EPSS

Exploits1References3Affected Software1

Cvelist•added 2021/02/08 6:25 p.m.•13 views

CVE-2020-7785 Command Injection

This affects all versions of package node-ps. The injection point is located in line 72 in lib/index.js...

9.8CVSS9.7AI score0.00613EPSS

Exploits1References3

CNNVD•added 2021/02/08 12:0 a.m.•4 views

Neekey node-ps injection vulnerability

Neekey node-ps is a lookup tool from the US-based individual developer Neekey. It is provided to find running processes. An injection vulnerability exists in Neekey node-ps, which stems from a lack of proper validation of user input data in lib/index.js, which is not filtered or does not correctl...

9.8CVSS7.3AI score0.00613EPSS

Exploits1References4

vulnersOsv•added 2020/12/04 5:33 p.m.•0 views

@servable/server (>=1.0.0 <=1.11.2), dockertools (=1.8.2) +5 more potentially affected by CVE-2020-7785 via node-ps (=0.0.2)

9.8CVSS7.2AI score0.00613EPSS

Exploits1

Snyk•added 2020/12/04 5:33 p.m.•1 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection. The injection point is located in line 72 in lib/index.js. PoC var a =require"node-ps"; a.lookuppsargs:"& touch JHU ",function Remediation There is no fixed version for node-ps. References - NPM Package - Vulnerable...

9.8CVSS7.2AI score0.00613EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by