Vulnerabilidades em HackerOne

470 resultados

CVE-2018-16483—A deficiency in the access control in module express-cart <=1.1.5 allows unprivileged users to add new users to the application as administrEPSS 1.2%CVE-2016-10520—jadedown is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in.EPSS 1.2%CVE-2015-9239—ansi2html is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in.EPSS 1.2%CVE-2017-16046—`mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16204—The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.EPSS 1.1%CVE-2017-16045—`jquery.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16076—proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16067—node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16063—node-opensl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16053—`fabric-js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16058—gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16071—nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16057—nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16066—opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16056—mssql.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16203—The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installaEPSS 1.1%CVE-2017-16205—The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installatEPSS 1.1%CVE-2017-16050—`sqlite.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16055—`sqlserver` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%CVE-2017-16079—smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.EPSS 1.1%

← anteriorpágina 20 / 24próxima →