Vulnerability Library

ID
Packages
Summary
Affected versions
Published
Fix
MAL-2024-1051
Malicious code in build-benchmarks (npm)
  • 15.2.4
2024-03-02T12:56:12Z No fix available
GHSA-5mhg-wv8w-p59j
  • npm/directus
Directus version number disclosure
  • See details.
2024-03-01T20:11:05Z Fix available
GHSA-4g2x-vq5p-5vj6
  • npm/@budibase/server
Budibase affected by VM2 Constructor Escape Vulnerability
  • See details.
2024-03-01T20:09:00Z Fix available
GHSA-6927-3vr9-fxf2
  • npm/parse-server
ZDI-CAN-19105: Parse Server literalizeRegexPart SQL Injection
  • See details.
2024-03-01T20:08:23Z Fix available
MAL-2024-1049
Malicious code in sdge-it-tdg-dynamicloadprofiles (npm)
  • 1.0.1
2024-03-01T18:01:24Z No fix available
GHSA-qw9g-7549-7wg5
  • npm/directus
Directus has MySQL accent insensitive email matching
  • See details.
2024-03-01T16:58:20Z Fix available
GHSA-68c2-4mpx-qh95
  • npm/@sentry/react-native
Potential leakage of Sentry auth tokens by React Native SDK with Expo plugin
  • See details.
2024-03-01T16:57:56Z Fix available
MAL-2024-1048
Malicious code in @apics/apps-ppp-web (npm)
  • 9.34.0
  • 9.37.0
  • 9.39.0
  • 9.39.1
  • 9.39.2
2024-03-01T14:55:54Z No fix available
GHSA-fffg-cwc9-xvj7
  • npm/mongo-express
mongo-express Cross-site Request Forgery vulnerability
  • See details.
2024-03-01T09:31:06Z No fix available
GHSA-6jvg-hp25-42f6
  • npm/nteract
Nteract Remote Code Execution vulnerability
  • See details.
2024-03-01T06:33:06Z No fix available
GHSA-9vx6-7xxf-x967
  • npm/@openzeppelin/contracts
  • npm/@openzeppelin/contracts-upgradeable
OpenZeppelin Contracts base64 encoding may read from potentially dirty memory
  • See details.
2024-02-29T20:09:53Z Fix available
MAL-2024-1046
  • npm/tokenpairs
Malicious code in tokenpairs (npm)
  • See details.
2024-02-29T11:06:56Z No fix available
MAL-2024-1047
  • npm/tokenspair
Malicious code in tokenspair (npm)
  • See details.
2024-02-29T11:06:56Z No fix available
MAL-2024-1045
  • npm/tokenpair
Malicious code in tokenpair (npm)
  • See details.
2024-02-29T11:06:55Z No fix available
MAL-2024-1044
Malicious code in bubble-dev (npm)
  • 50.1.1
  • 90.2.2
2024-02-28T20:55:45Z No fix available
MAL-2024-1043
Malicious code in ux1-ui-kit-theme (npm)
  • 1.8.85
2024-02-28T16:23:30Z No fix available