CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-2519

Malware in sbrugna...

9.8CVSS9.2AI score0.01311EPSS

Exploits1References5

vulnersOsv•added 2023/05/04 9:30 p.m.•1 views

@nexgin/totaljsapplication (>=0.0.1 <=0.0.66) potentially affected by CVE-2023-30094 via total4 (=0.0.80)

total4 NPM version =0.0.80 is affected by a known vulnerability. The following packages have a transitive dependency on total4 and may be impacted: - @nexgin/totaljsapplication =0.0.1, =0.0.66 Source cves: CVE-2023-30094 Source advisory: OSV:GHSA-JJ45-24RW-V6JW...

5.4CVSS6AI score0.00839EPSS

Exploits1

Github Security Blog•added 2021/12/10 5:26 p.m.•30 views

Code Injection in total4

The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...

9.8CVSS9.2AI score0.01311EPSS

Exploits1References5Affected Software1

OSV•added 2021/12/10 5:26 p.m.•16 views

GHSA-G7MQ-RFJ2-25WQ Code Injection in total4

The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...

9.8CVSS9.7AI score0.01311EPSS

Exploits1References4

OSV•added 2021/07/12 4:15 p.m.•2 views

CVE-2021-23390

The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...

9.8CVSS9.6AI score

Exploits0References3

NVD•added 2021/07/12 4:15 p.m.•8 views

CVE-2021-23390

The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...

9.8CVSS0.01311EPSS

Exploits1References3

Cvelist•added 2021/07/12 3:15 p.m.•11 views

CVE-2021-23390 Arbitrary Code Execution

The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...

9.8CVSS9.9AI score0.01311EPSS

Exploits1References3

CVE•added 2021/07/12 3:15 p.m.•49 views

CVE-2021-23390

CVE-2021-23390 affects the total4 package (Node.js framework) up to versions prior to 0.0.43. The vulnerability enables Arbitrary Code Execution through the U.set() and U.get() functions, as detailed by multiple sources (Snyk PoC, GitHub advisory GHSA-g7mq-rfj2-25WQ, and OSV/NVD records). Practic...

9.8CVSS9.7AI score0.01311EPSS

Exploits1References3Affected Software1

ATTACKERKB•added 2021/07/12 3:10 p.m.•1 views

CVE-2021-23390

The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set and U.get functions...

9.8CVSS5.5AI score0.01311EPSS

Exploits1References4

CNNVD•added 2021/07/12 12:0 a.m.•3 views

total.js代码注入漏洞

total.js is open source a framework developed using JavaScript for the Node.js platform. It can be used to develop web, desktop, service and IoT platforms. A security vulnerability exists in total.js, which stems from the package total4 in versions prior to 0.0.43 that is prone to executing...

9.8CVSS8.5AI score0.01311EPSS

Exploits1References3

Snyk•added 2021/03/24 6:16 p.m.•3 views

Arbitrary Code Execution

Overview total4 is a framework for Node.js platform written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. It can be used as a web, desktop, service, or IoT application. Affected versions of this package are vulnerable to Arbitrary Code Execution via the U.set and...

9.8CVSS7.1AI score0.01311EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by