Export limit exceeded: 345093 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345093 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345093 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-16056 | 1 Mssql.js Project | 1 Mssql.js | 2024-11-21 | N/A |
| mssql.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16055 | 1 Sqlserver Project | 1 Sqlserver | 2024-11-21 | N/A |
| `sqlserver` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16054 | 1 Nodefabric Project | 1 Nodefabric | 2024-11-21 | N/A |
| `nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16053 | 1 Fabric-js Project | 1 Fabric-js | 2024-11-21 | N/A |
| `fabric-js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16052 | 1 Node-fabric Project | 1 Node-fabric | 2024-11-21 | N/A |
| `node-fabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16051 | 1 Sqliter Project | 1 Sqliter | 2024-11-21 | N/A |
| `sqliter` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16050 | 1 Sqlite.js Project | 1 Sqlite.js | 2024-11-21 | N/A |
| `sqlite.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16049 | 1 Nodesqlite Project | 1 Nodesqlite | 2024-11-21 | N/A |
| `nodesqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16048 | 1 Node-sqlite Project | 1 Node-sqlite | 2024-11-21 | N/A |
| `node-sqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16047 | 1 Mysqljs Project | 1 Mysqljs | 2024-11-21 | N/A |
| mysqljs was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16046 | 1 Mariadb | 1 Mariadb | 2024-11-21 | 7.5 High |
| `mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16045 | 1 Jquery.js Project | 1 Jquery.js | 2024-11-21 | N/A |
| `jquery.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16044 | 1 D3.js Project | 1 D3.js | 2024-11-21 | N/A |
| `d3.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16043 | 1 Shout Project | 1 Shout | 2024-11-21 | 6.1 Medium |
| Shout is an IRC client. Because the `/topic` command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser. Affects shout >=0.44.0 <=0.49.3. | ||||
| CVE-2017-16042 | 1 Growl Project | 1 Growl | 2024-11-21 | N/A |
| Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution. | ||||
| CVE-2017-16041 | 1 Ikst Project | 1 Ikst | 2024-11-21 | N/A |
| ikst versions before 1.1.2 download resources over HTTP, which leaves it vulnerable to MITM attacks. | ||||
| CVE-2017-16040 | 1 Gfe-sass Project | 1 Gfe-sass | 2024-11-21 | N/A |
| gfe-sass is a library for promises (CommonJS/Promises/A,B,D) gfe-sass downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | ||||
| CVE-2017-16039 | 1 Hftp Project | 1 Hftp | 2024-11-21 | N/A |
| `hftp` is a static http or ftp server `hftp` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | ||||
| CVE-2017-16038 | 1 F2e-server Project | 1 F2e-server | 2024-11-21 | N/A |
| `f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by `f2e-server` requiring elevated privileges to run. | ||||
| CVE-2017-16037 | 1 Gomeplus-h5-proxy Project | 1 Gomeplus-h5-proxy | 2024-11-21 | N/A |
| `gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL. | ||||