Export limit exceeded: 341854 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10190 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10190 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-16062 | 1 Node-tkinter Project | 1 Node-tkinter | 2024-11-21 | 7.5 High |
| node-tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16061 | 1 Tkinter Package | 1 Tkinter | 2024-11-21 | N/A |
| tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16060 | 1 Babelcli Project | 1 Babelcli | 2024-11-21 | N/A |
| babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16059 | 1 Mssql-node Project | 1 Mssql-node | 2024-11-21 | N/A |
| mssql-node was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16058 | 1 Gruntcli Project | 1 Gruntcli | 2024-11-21 | N/A |
| gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16057 | 1 Nodemssql Project | 1 Nodemssql | 2024-11-21 | N/A |
| nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16056 | 1 Mssql.js Project | 1 Mssql.js | 2024-11-21 | N/A |
| mssql.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16055 | 1 Sqlserver Project | 1 Sqlserver | 2024-11-21 | N/A |
| `sqlserver` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16054 | 1 Nodefabric Project | 1 Nodefabric | 2024-11-21 | N/A |
| `nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16053 | 1 Fabric-js Project | 1 Fabric-js | 2024-11-21 | N/A |
| `fabric-js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16052 | 1 Node-fabric Project | 1 Node-fabric | 2024-11-21 | N/A |
| `node-fabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16051 | 1 Sqliter Project | 1 Sqliter | 2024-11-21 | N/A |
| `sqliter` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16050 | 1 Sqlite.js Project | 1 Sqlite.js | 2024-11-21 | N/A |
| `sqlite.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16049 | 1 Nodesqlite Project | 1 Nodesqlite | 2024-11-21 | N/A |
| `nodesqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16048 | 1 Node-sqlite Project | 1 Node-sqlite | 2024-11-21 | N/A |
| `node-sqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16047 | 1 Mysqljs Project | 1 Mysqljs | 2024-11-21 | N/A |
| mysqljs was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16045 | 1 Jquery.js Project | 1 Jquery.js | 2024-11-21 | N/A |
| `jquery.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16044 | 1 D3.js Project | 1 D3.js | 2024-11-21 | N/A |
| `d3.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16024 | 2 Nodejs, Sync-exec Project | 2 Node.js, Sync-exec | 2024-11-21 | N/A |
| The sync-exec module is used to simulate child_process.execSync in node versions <0.11.9. Sync-exec uses tmp directories as a buffer before returning values. Other users on the server have read access to the tmp directory, possibly allowing an attacker on the server to obtain confidential information from the buffer/tmp file, while it exists. | ||||
| CVE-2017-16007 | 1 Cisco | 1 Node-jose | 2024-11-21 | N/A |
| node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers. node-jose earlier than version 0.9.3 is vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used. | ||||