CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-0648

Malware in sbrugna...

5.3CVSS5.3AI score0.0045EPSS

Exploits1References5

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in mvc-seneca (npm)

The package mvc-seneca was found to contain malicious code...

7AI score

Exploits0

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-26926 Malicious code in mvc-seneca (npm)

The package mvc-seneca was found to contain malicious code...

7.2AI score

Exploits0

RedhatCVE•added 2025/05/22 7:36 a.m.•4 views

CVE-2019-5483

Seneca 3.9.0 contains a vulnerability that could lead to exposing environment variables to unauthorized users...

5.3CVSS6.6AI score0.0045EPSS

Exploits1References1

OSV•added 2019/10/29 8:15 p.m.•1 views

CVE-2018-18929

The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104 is shipped with a default local administrator username and password. This can be found by a limited user account in an "unattend.xml" file left over on the C: drive from the Sysprep process. An attacker with this username a...

8.8CVSS5.8AI score0.00273EPSS

Exploits1References1

NVD•added 2019/10/29 8:15 p.m.•10 views

CVE-2018-18929

8.8CVSS8.7AI score0.00273EPSS

Exploits1References1

Cvelist•added 2019/10/29 7:33 p.m.•10 views

CVE-2018-18929

8.7AI score0.00273EPSS

Exploits1References1

CVE•added 2019/10/29 7:33 p.m.•68 views

CVE-2018-18929

The CVE concerns Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104, where a default local administrator username/password can be found in an unattend.xml left on the C: drive from Sysprep. An attacker with these credentials can gain administrator-level access to the system. Th...

8.8CVSS8.6AI score0.00273EPSS

Exploits1References1Affected Software1

Github Security Blog•added 2019/09/11 11:7 p.m.•19 views

Sensitive Data Exposure in seneca

Versions of seneca prior to 3.9.0 are vulnerable to Sensitive Data Exposure. When a process using the package crashes all environment variables are printed. This may leak sensitive data such as access keys, especially given scenarios when log-monitoring systems store the error output...

5.3CVSS3.9AI score0.0045EPSS

Exploits1References5Affected Software1

vulnersOsv•added 2019/09/11 11:7 p.m.•1 views

20yearrewards (>=1.0.7 <=1.0.8), 3pl-central (>=0.1.0 <=0.1.3) +210 more potentially affected by CVE-2019-5483 via seneca (>=0.4.2 <=3.7.0)

seneca NPM version =0.4.2, =1.0.7, =0.1.0, =0.0.0, =1.0.0, =1.0.0, =1.1.1, =1.0.0, =2.1.0, =1.5.0, =1.0.0, =3.0.0, =8.0.0 and more Source cves: CVE-2019-5483 Source advisory: OSV:GHSA-2XWV-3CC9-FP7C...

5.3CVSS6AI score0.0045EPSS

Exploits1

OSV•added 2019/09/11 11:7 p.m.•8 views

GHSA-2XWV-3CC9-FP7C Sensitive Data Exposure in seneca

5.3CVSS5.1AI score0.0045EPSS

Exploits1References4

OSV•added 2019/09/09 5:15 p.m.•8 views

CVE-2019-5483

Seneca 3.9.0 contains a vulnerability that could lead to exposing environment variables to unauthorized users...

5.3CVSS6.5AI score

Exploits0References1

NVD•added 2019/09/09 5:15 p.m.•8 views

CVE-2019-5483

Seneca 3.9.0 contains a vulnerability that could lead to exposing environment variables to unauthorized users...

5.3CVSS5.1AI score0.0045EPSS

Exploits1References1

Prion•added 2019/09/09 5:15 p.m.•10 views

Design/Logic Flaw

Seneca 3.9.0 contains a vulnerability that could lead to exposing environment variables to unauthorized users...

5CVSS5AI score0.0045EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/09/09 4:53 p.m.•15 views

CVE-2019-5483

Seneca 3.9.0 contains a vulnerability that could lead to exposing environment variables to unauthorized users...

5AI score0.0045EPSS

Exploits1References1

CVE•added 2019/09/09 4:53 p.m.•61 views

CVE-2019-5483

CVE-2019-5483 affects Seneca prior to 3.9.0, exposing environment variables when a process crashes. Connected sources (Red Hat, OSV, GHSA, npm advisory, Veracode) confirm Sensitive Data Exposure due to printing environment data in crash logs. Impact is information disclosure of sensitive data suc...

5.3CVSS4.9AI score0.0045EPSS

Exploits1References1Affected Software1

Node.js•added 2019/09/06 6:20 p.m.•18 views

Sensitive Data Exposure

Overview Versions of seneca prior to 3.9.0 are vulnerable to Sensitive Data Exposure. When a process using the package crashes all environment variables are printed. This may leak sensitive data such as access keys, especially given scenarios when log-monitoring systems store the error output...

5CVSS3.1AI score0.0045EPSS

Exploits1Affected Software1

Veracode•added 2019/09/04 6:36 a.m.•13 views

Information Disclosure

seneca is vulnerable to information disclosure. The vulnerability exists as it does not properly handle environment variables. An attacker is able to crash the application and obtain the environment variables information that is printed in the exception...

5.3CVSS1.4AI score0.0045EPSS

Exploits1References3Affected Software1

Hacker One•added 2019/04/04 8:41 a.m.•39 views

Node.js third-party modules: environment variable leakage in error reporting

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! I would like to report the leak of...

5CVSS0.4AI score0.0045EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by