Vulnerability Database
About
Vulnerability Library
search
All ecosystems
35478
Alpine
2864
Android
361
crates.io
946
Debian
8719
DWF
15
GitHub Actions
3
Go
887
GSD
35
Hex
18
JavaScript
1
Linux
9110
Maven
2156
npm
2637
NuGet
220
OSS-Fuzz
2457
Packagist
1060
Pub
3
PyPI
3510
RubyGems
476
UVI
0
ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-9qh2-6fxg-9m4g
npm/opencc
Out of bounds read in OpenCC
See details.
2022-09-30T13:10:06Z
No fix available
GHSA-mc23-976p-j42x
npm/xterm
npm/xterm
npm/xterm
Low severity vulnerability that affects xterm
See details.
2022-09-30T08:12:50Z
Fix available
GHSA-4rxr-27mm-mxq9
npm/@next-auth/upstash-redis-adapter
Upstash Adapter missing token verification
See details.
2022-09-30T05:31:32Z
Fix available
GHSA-4phg-hpqm-c3j4
npm/strapi
npm/@strapi/strapi
Strapi mishandles hidden attributes within admin API responses
See details.
2022-09-30T05:17:55Z
Fix available
GHSA-grjp-4jmr-mjcw
npm/express-xss-sanitizer
express-xss-sanitizer vulnerable to Prototype Pollution via allowedTags attribute
See details.
2022-09-30T04:42:55Z
Fix available
GHSA-cf4h-3jhx-xvhq
npm/underscore
Arbitrary Code Execution in underscore
See details.
2022-09-30T02:23:38Z
Fix available
GHSA-r48r-j8fx-mq2c
npm/matrix-js-sdk
matrix-js-sdk subject to user spoofing via Olm/Megolm protocol confusion
See details.
2022-09-30T00:41:24Z
Fix available
GHSA-6263-x97c-c4gg
npm/matrix-js-sdk
matrix-js-sdk subject to impersonated messages due to permissive key forwarding
See details.
2022-09-30T00:40:35Z
Fix available
GHSA-hvv8-5v86-r45x
npm/matrix-js-sdk
Improper beacon events in matrix-js-sdk can result in availability issues
See details.
2022-09-29T14:36:38Z
Fix available
GHSA-c429-5p7v-vgjp
npm/@hapi/hoek
npm/@hapi/hoek
hoek subject to prototype pollution via the clone function.
See details.
2022-09-29T14:13:31Z
Fix available
GHSA-36jr-mh4h-2g58
npm/d3-color
d3-color vulnerable to ReDoS
See details.
2022-09-29T14:12:55Z
Fix available
GHSA-q3f4-9h4p-vgr3
npm/@lionello/secp256k1-js
secp256k1-js implements ECDSA without required r and s validation, leading to signature forgery
See details.
2022-09-29T10:09:03Z
Fix available
GHSA-mrgp-mrhc-5jrq
npm/vm2
vm2 vulnerable to Sandbox Escape resulting in Remote Code Execution on host
See details.
2022-09-28T13:09:01Z
Fix available
GHSA-9jjv-524m-jm98
npm/@netlify/ipx
@netlify/ipx vulnerable to Full Response SSRF and Stored XSS via Cache Poisoning and Improper Host Validation
See details.
2022-09-28T03:32:53Z
Fix available
GHSA-42hx-vrxx-5r6v
npm/jodit
Jodit Editor vulnerable to Cross-site Scripting
See details.
2022-09-27T22:48:53Z
No fix available
GHSA-vv7x-7w4m-q72f
npm/fhir-works-on-aws-authz-smart
fhir-works-on-aws-authz-smart handles permissions improperly
See details.
2022-09-27T06:12:12Z
Fix available
Load more...
npm - OSV
