Lucene search
K

43 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : rh-nodejs10-nodejs-10.23.1-2.el7 (AXSA:2021-1479:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1479:01 advisory. libuv: buffer overflow in realpath CVE-2020-8252 nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS...

9.8CVSS7.9AI score0.69062EPSS
Exploits8References11
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/12 12:22 a.m.9 views

Malicious code in yargs-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 376960ce1e5da7d01dd733e2ab53f7c0b614b4f98bf23da45b88c2bf3f169037 The package yargs-js was found to contain malicious code. Source: ghsa-malware f0f6199e2f9202a8ae9ecbd9363eb1b1f2d56b7ab11d600b01dd0bc1adcb31c6 Any...

6.9AI score
Exploits0References1
Snyk
Snyk
added 2026/01/12 12:22 a.m.5 views

Malicious Package

Overview yargs-js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS6.8AI score
Exploits0References2
EUVD
EUVD
added 2026/01/12 12:22 a.m.4 views

EUVD-2026-1992

Malicious code in yargs-js npm...

6.6AI score
Exploits0References1
OSV
OSV
added 2026/01/12 12:22 a.m.5 views

MAL-2026-207 Malicious code in yargs-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 376960ce1e5da7d01dd733e2ab53f7c0b614b4f98bf23da45b88c2bf3f169037 The package yargs-js was found to contain malicious code. Source: ghsa-malware f0f6199e2f9202a8ae9ecbd9363eb1b1f2d56b7ab11d600b01dd0bc1adcb31c6 Any...

6.8AI score
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-1208

Malware in sbrugna...

5.3CVSS7AI score0.00514EPSS
Exploits1References15
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 7:57 a.m.5 views

Malicious code in yargs-help-output (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1337d3becd83c0b3dc233069268371bc9e7395311560038f52cbe73384e4efa5 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSV
OSV
added 2025/09/16 7:57 a.m.2 views

MAL-2025-47366 Malicious code in yargs-help-output (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1337d3becd83c0b3dc233069268371bc9e7395311560038f52cbe73384e4efa5 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-7608

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yargs-parser could be tricked into adding or modifying properties of Object.prototype using a proto payload. CVE-2020-7608 Note that Nessus relies on the presen...

5.3CVSS6.7AI score0.00514EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2023/12/24 1:37 p.m.377 views

Exploit for Missing Authorization in Zoneminder

CVE-2023-26035 ZoneMinder Snapshots - Unauthenticated !image...

9.8CVSS9.7AI score0.80462EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.35 views

Rocky Linux 8 : nodejs:10 (RLSA-2021:0548)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0548 advisory. - Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like ://:@::/...

9.8CVSS7.9AI score0.69062EPSS
Exploits8References21
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.40 views

Rocky Linux 8 : nodejs:12 (RLSA-2020:5499)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:5499 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...

9.8CVSS7.4AI score0.69062EPSS
Exploits2References8
SUSE CVE
SUSE CVE
added 2023/10/31 2:31 a.m.3 views

SUSE CVE-2020-7608

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "proto" payload...

5.3CVSS7.9AI score0.00514EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.56 views

RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:5305)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5305 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.2AI score0.69062EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2022/09/15 12:0 a.m.42 views

RHEL 7 : rh-nodejs10-nodejs (RHSA-2021:0521)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0521 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.4AI score0.69062EPSS
Exploits8References23
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/08/19 3:55 a.m.3 views

Malicious code in yargs-parxe (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cfd542fba026c32cc65a6a7b1ea5d51d650de75248275d8463a485ffb37ffcaf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/08/19 3:55 a.m.4 views

MAL-2022-7324 Malicious code in yargs-parxe (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cfd542fba026c32cc65a6a7b1ea5d51d650de75248275d8463a485ffb37ffcaf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2021-0170)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS7.4AI score0.00514EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.11 views

The vulnerability of the yargs-parser library in application software of Aurora Center involves uncontrolled changes to object prototypes’ attributes, allowing attackers to execute “prototype pollution” attacks.

The vulnerability of the yargs-parser library in application software developed by Avora Center relates to uncontrolled changes to object prototypes’ attributes. Exploiting this vulnerability could allow a malicious actor to execute a “prototype compromise” attack...

5.3CVSS6.8AI score0.00514EPSS
Exploits1References4Affected Software1
Mageia
Mageia
added 2021/04/02 8:25 p.m.134 views

Updated nodejs-yargs-parser packages fix security vulnerability

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "proto" payload CVE-2020-7608...

5.3CVSS2.5AI score0.00514EPSS
Exploits1References1
Rows per page
Query Builder