Vulnerability Library

search
ID
Packages
Summary
Affected versions
Published
Fix
MAL-2024-1366
  • npm/sigoner
 Malicious code in sigoner (npm)
  • See details.
 2024-05-15T04:50:16Z No fix available
GHSA-5h5v-hw44-f6gg
  • npm/oceanic.js
 Oceanic allows unsanitized user input to lead to path traversal in URLs
  • See details.
 2024-05-14T20:13:58Z Fix available
GHSA-93pf-mrc8-4g3h
  • npm/kongadmin
 Konga is vulnerable to Cross Site Scripting (XSS) attacks
  • See details.
 2024-05-14T18:31:01Z No fix available
GHSA-g65h-35f3-x2w3
  • npm/directus
 Directus Lacks Session Tokens Invalidation
  • See details.
 2024-05-13T19:59:39Z Fix available
GHSA-h6r4-xvw6-jc5h
  • npm/nocodb
 NocoDB Vulnerable to Stored Cross-Site Scripting in Formula.vue
  • See details.
 2024-05-13T19:59:07Z Fix available
GHSA-p8v3-m643-4xqx
  • npm/directus
 Directus allows redacted data extraction on the API through "alias"
  • See details.
 2024-05-13T19:40:08Z Fix available
GHSA-8fxg-mr34-jqr8
  • npm/nocodb
 NocoDB SQL Injection vulnerability
  • See details.
 2024-05-13T16:46:59Z Fix available
GHSA-qg73-g3cf-vhhh
  • npm/nocodb
 NocoDB Allows Preview of Files with Dangerous Content
  • See details.
 2024-05-13T16:46:49Z Fix available
GHSA-xcp4-62vj-cq3r
  • npm/@valtimo/components
 @valtimo/components exposes access token to form.io
  • See details.
 2024-05-13T16:04:55Z Fix available
MAL-2024-1359
  • npm/by-dynamic-domain
 Malicious code in by-dynamic-domain (npm)
  • See details.
 2024-05-13T01:00:34Z No fix available
MAL-2024-1360
  • npm/by-logger
 Malicious code in by-logger (npm)
  • See details.
 2024-05-13T01:00:34Z No fix available
MAL-2024-1364
  • npm/qaqazzaaa
 Malicious code in qaqazzaaa (npm)
  • See details.
 2024-05-13T00:58:03Z No fix available
MAL-2024-1358
  • npm/@asdfvr/qaqazzaaa
 Malicious code in @asdfvr/qaqazzaaa (npm)
  • See details.
 2024-05-13T00:57:44Z No fix available
MAL-2024-1361
  • npm/discord-datas
 Malicious code in discord-datas (npm)
  • See details.
 2024-05-13T00:39:41Z No fix available
MAL-2024-1362
  • npm/encodelen
 Malicious code in encodelen (npm)
  • See details.
 2024-05-13T00:33:20Z No fix available
MAL-2024-1363
  • npm/input-fns
 Malicious code in input-fns (npm)
  • See details.
 2024-05-13T00:33:20Z No fix available
Load more...