Vendor CVEs
Lumiverse
All CVEs
86 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-44450 | Cri | 0.64 | 9.9 | 0.00 | May 26, 2026 | Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an… | ||
| CVE-2024-39015 | Cri | 0.64 | 9.8 | 0.01 | Jul 1, 2024 | cafebazaar hod v0.4.14 was discovered to contain a prototype pollution via the function request. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. | ||
| CVE-2024-39013 | Cri | 0.64 | 9.8 | 0.01 | Jul 1, 2024 | 2o3t-utility v0.1.2 was discovered to contain a prototype pollution via the function extend. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. | ||
| CVE-2024-36575 | Cri | 0.64 | 9.8 | 0.01 | Jun 17, 2024 | A Prototype Pollution issue in getsetprop 1.1.0 allows an attacker to execute arbitrary code via global.accessor. | ||
| CVE-2026-47430 | Cri | 0.62 | — | 0.01 | Jun 8, 2026 | ## Summary The iOS implementation of `cordova-plugin-inappbrowser` passes the `id` field from a `WKScriptMessage` body to `commandDelegate sendPluginResult:callbackId:` with no format validation (`CDVWKInAppBrowser.m:560–574`). Any web content loaded inside the InAppBrowser… | ||
| CVE-2018-12519 | Hig | 0.61 | 8.8 | 0.08 | Jun 19, 2018 | An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials. | ||
| CVE-2026-44451 | Cri | 0.60 | 9.3 | 0.00 | May 26, 2026 | Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals (fetch, window, eval, etc.) with undefined. A static source validator… | ||
| CVE-2026-44449 | Cri | 0.59 | 9.1 | 0.00 | May 26, 2026 | Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly into the smbclient -c script… | ||
| CVE-2026-44444 | Cri | 0.59 | 9.1 | 0.00 | May 26, 2026 | Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the Spindle extension build pipeline calls bun install without the --ignore-scripts flag before running the static backend safety scan (assertSafeBackendBundle). A malicious extension that ships a package.json… | ||
| CVE-2019-19723 | cri | 0.59 | — | 0.00 | Sep 4, 2020 | All versions of `passport-cognito` are vulnerable to Improper Authorization. The package fails to properly scope the variables containing authorization information, such as access token, refresh token and ID token. This causes a race condition where simultaneous authenticated… | ||
| CVE-2017-16034 | cri | 0.59 | — | 0.00 | Sep 1, 2020 | Affected versions of `pidusage` pass unsanitized input to `child_process.exec()`, resulting in arbitrary code execution in the `ps` method. This package is vulnerable to this PoC on Darwin, SunOS, FreeBSD, and AIX. Windows and Linux are not vulnerable. ## Proof of Concept… | ||
| CVE-2026-9961 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in SurfaceCapture in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-39016 | Hig | 0.53 | 8.1 | 0.01 | Jul 1, 2024 | che3vinci c3/utils-1 1.0.131 was discovered to contain a prototype pollution via the function assign. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. | ||
| CVE-2026-34713 | Hig | 0.49 | 7.5 | 0.00 | Jun 9, 2026 | CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition.… | ||
| CVE-2026-34711 | Hig | 0.49 | 7.5 | 0.00 | Jun 9, 2026 | CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue… | ||
| CVE-2026-9956 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Use after free in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9496 | Hig | 0.49 | 7.5 | 0.00 | May 26, 2026 | Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service (DoS) via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function’s regex replacement and… | ||
| CVE-2024-36527 | Med | 0.49 | 6.5 | 0.03 | Jun 17, 2024 | puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the server. | ||
| CVE-2024-22363 | Hig | 0.49 | 7.5 | 0.01 | Apr 5, 2024 | SheetJS Community Edition before 0.20.2 is vulnerable.to Regular Expression Denial of Service (ReDoS). | ||
| CVE-2018-11615 | Hig | 0.49 | 7.5 | 0.03 | Aug 30, 2018 | This vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca 2.8.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of topics. A crafted regular expression can cause the broker to… | ||
| CVE-2018-10813 | Hig | 0.48 | 7.3 | 0.01 | Jun 5, 2018 | In Dedos-web 1.0, the cookie and session secrets used in the Express.js application have hardcoded values that are visible in the source code published on GitHub. An attacker can edit the contents of the session cookie and re-sign it using the hardcoded secret. Due to the use of… | ||
| CVE-2024-32753 | Hig | 0.46 | — | 0.00 | Jul 11, 2024 | Under certain circumstances the camera may be susceptible to known vulnerabilities associated with the JQuery versions prior to 3.5.0 third-party component | ||
| CVE-2016-1000227 | hig | 0.45 | — | 0.01 | Sep 1, 2020 | All versions of `bootstrap-tagsinput` are vulnerable to cross-site scripting when user input is passed into the `itemTitle` parameter unmodified, as the package fails to properly sanitize or encode user input for that parameter. ## Recommendation This package is not actively… | ||
| CVE-2018-8046 | Med | 0.45 | 6.1 | 0.67 | Jul 5, 2018 | The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip()… | ||
| CVE-2024-38990 | Med | 0.41 | 6.3 | 0.00 | Jul 1, 2024 | Tada5hi sp-common v0.5.4 was discovered to contain a prototype pollution via the function mergeDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. | ||
| CVE-2026-47903 | Med | 0.40 | 6.2 | 0.00 | Jun 9, 2026 | CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does… | ||
| CVE-2018-17046 | Med | 0.40 | 6.1 | 0.01 | Sep 14, 2018 | translate man before 2018-08-21 has XSS via containers/outputBox/outputBox.vue and store/index.js. | ||
| CVE-2017-16087 | hig | 0.38 | — | — | May 29, 2019 | ## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wp3j-gv53-4pg8. This link is maintained to preserve external references. ## Original Description Affected versions of `fs-git` do not sanitize strings passed into the `buildCommand` method,… | ||
| CVE-2026-53606 | Med | 0.35 | 5.4 | 0.00 | Jun 12, 2026 | ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Versions of sanitize-html prior to 2.17.5 use `allowedSchemesAppliedToAttributes` (default: `['href', 'src', 'cite']`) to gate the… | ||
| CVE-2026-11232 | Med | 0.35 | 5.4 | 0.00 | Jun 4, 2026 | Inappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium security severity: Low) | ||
| CVE-2018-10178 | Med | 0.35 | 5.3 | 0.01 | Apr 17, 2018 | The FromDocToPDF extension before 13.611.13.2303 for Chrome allows remote attackers to discover visited web sites via vectors involving a mostVisitedSites command. | ||
| CVE-2026-44443 | Med | 0.31 | 4.8 | 0.00 | May 26, 2026 | Lumiverse is a full-featured AI chat application. Prior to 0.9.7, consumeNonce() only checks that the module-level variable is set and unexpired. It does not validate any value from the incoming HTTP request or bind the nonce to the admin's session. If the admin's… | ||
| CVE-2024-25503 | Med | 0.31 | 4.7 | 0.01 | Apr 4, 2024 | Cross Site Scripting (XSS) vulnerability in Advanced REST Client v.17.0.9 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function. | ||
| CVE-2026-9467 | Med | 0.28 | 4.3 | 0.00 | May 25, 2026 | A vulnerability was identified in debugmcp mcp-debugger up to 0.20.0. Impacted is the function handleGetSourceContext of the file src/server.ts. The manipulation leads to path traversal. The attack is possible to be carried out remotely. The exploit is publicly available and… | ||
| CVE-2016-1000224 | med | 0.26 | — | 0.00 | Sep 1, 2020 | Affected versions of `ezseed-transmission` download and run a script over an HTTP connection. An attacker in a privileged network position could launch a Man-in-the-Middle attack and intercept the script, replacing it with malicious code, completely compromising the system… | ||
| CVE-2014-8881 | med | 0.26 | — | 0.02 | Sep 1, 2020 | All versions of the `bleach` package are vulnerable to a regular expression denial of service attack when certain types of input are passed into the sanitize function. ## Recommendation The `bleach` package is not currently maintained, and has not seen an update since 2014. … | ||
| CVE-2014-8883 | med | 0.26 | — | 0.01 | Aug 31, 2020 | All versions of the static file server module nhouston are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory. ## Recommendation It is recommended that a different module be used, as we have been unable… | ||
| CVE-2026-11686 | Low | 0.20 | 3.1 | 0.00 | Jun 9, 2026 | Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2014-125128 | 0.00 | — | 0.00 | Sep 8, 2025 | 'sanitize-html' prior to version 1.0.3 is vulnerable to Cross-site Scripting (XSS). The function 'naughtyHref' doesn't properly validate the hyperreference (`href`) attribute in anchor tags (``), allowing bypasses that contain different casings, whitespace characters, or… | |||
| CVE-2023-26129 | 0.00 | — | 0.01 | May 27, 2023 | All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. **Note:** To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to… | |||
| CVE-2020-28455 | 0.00 | — | 0.01 | Jul 25, 2022 | This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped. | |||
| CVE-2020-28435 | 0.00 | — | 0.01 | Jul 25, 2022 | This affects all versions of package ffmpeg-sdk. The injection point is located in line 9 in index.js. | |||
| CVE-2022-25869 | 0.00 | — | 0.05 | Jul 15, 2022 | All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements. | |||
| CVE-2022-29244 | 0.00 | — | 0.03 | Jun 13, 2022 | npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (ie. `--workspaces`, `--workspace=`). Anyone who has run `npm pack` or `npm publish` inside a workspace, as of v7.9.0 and v7.13.0 respectively,… | |||
| CVE-2021-43616 | 0.00 | — | 0.03 | Nov 13, 2021 | The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was… | |||
| CVE-2021-39135 | 0.00 | — | 0.01 | Aug 31, 2021 | `@npmcli/arborist`, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed… | |||
| CVE-2021-39134 | 0.00 | — | 0.01 | Aug 31, 2021 | `@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed… | |||
| CVE-2021-23411 | 0.00 | — | 0.01 | Jul 21, 2021 | Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the main functionality. It accepts input that can result in the output (an anchor a tag) containing undesirable Javascript code that can be executed upon user interaction. | |||
| CVE-2020-28448 | 0.00 | — | 0.01 | Dec 22, 2020 | This affects the package multi-ini before 2.1.1. It is possible to pollute an object's prototype by specifying the proto object as part of an array. | |||
| CVE-2020-28439 | 0.00 | — | 0.02 | Dec 11, 2020 | This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the following PoC: |
- risk 0.64cvss 9.9epss 0.00
Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every binary on the allowlist accepts an…
- risk 0.64cvss 9.8epss 0.01
cafebazaar hod v0.4.14 was discovered to contain a prototype pollution via the function request. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
- risk 0.64cvss 9.8epss 0.01
2o3t-utility v0.1.2 was discovered to contain a prototype pollution via the function extend. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
- risk 0.64cvss 9.8epss 0.01
A Prototype Pollution issue in getsetprop 1.1.0 allows an attacker to execute arbitrary code via global.accessor.
- risk 0.62cvss —epss 0.01
## Summary The iOS implementation of `cordova-plugin-inappbrowser` passes the `id` field from a `WKScriptMessage` body to `commandDelegate sendPluginResult:callbackId:` with no format validation (`CDVWKInAppBrowser.m:560–574`). Any web content loaded inside the InAppBrowser…
- risk 0.61cvss 8.8epss 0.08
An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.
- risk 0.60cvss 9.3epss 0.00
Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals (fetch, window, eval, etc.) with undefined. A static source validator…
- risk 0.59cvss 9.1epss 0.00
Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly into the smbclient -c script…
- risk 0.59cvss 9.1epss 0.00
Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the Spindle extension build pipeline calls bun install without the --ignore-scripts flag before running the static backend safety scan (assertSafeBackendBundle). A malicious extension that ships a package.json…
- risk 0.59cvss —epss 0.00
All versions of `passport-cognito` are vulnerable to Improper Authorization. The package fails to properly scope the variables containing authorization information, such as access token, refresh token and ID token. This causes a race condition where simultaneous authenticated…
- risk 0.59cvss —epss 0.00
Affected versions of `pidusage` pass unsanitized input to `child_process.exec()`, resulting in arbitrary code execution in the `ps` method. This package is vulnerable to this PoC on Darwin, SunOS, FreeBSD, and AIX. Windows and Linux are not vulnerable. ## Proof of Concept…
- risk 0.57cvss 8.8epss 0.00
Use after free in SurfaceCapture in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.53cvss 8.1epss 0.01
che3vinci c3/utils-1 1.0.131 was discovered to contain a prototype pollution via the function assign. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
- risk 0.49cvss 7.5epss 0.00
CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition.…
- risk 0.49cvss 7.5epss 0.00
CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue…
- risk 0.49cvss 7.5epss 0.00
Use after free in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service (DoS) via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function’s regex replacement and…
- risk 0.49cvss 6.5epss 0.03
puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the server.
- risk 0.49cvss 7.5epss 0.01
SheetJS Community Edition before 0.20.2 is vulnerable.to Regular Expression Denial of Service (ReDoS).
- risk 0.49cvss 7.5epss 0.03
This vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca 2.8.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of topics. A crafted regular expression can cause the broker to…
- risk 0.48cvss 7.3epss 0.01
In Dedos-web 1.0, the cookie and session secrets used in the Express.js application have hardcoded values that are visible in the source code published on GitHub. An attacker can edit the contents of the session cookie and re-sign it using the hardcoded secret. Due to the use of…
- risk 0.46cvss —epss 0.00
Under certain circumstances the camera may be susceptible to known vulnerabilities associated with the JQuery versions prior to 3.5.0 third-party component
- risk 0.45cvss —epss 0.01
All versions of `bootstrap-tagsinput` are vulnerable to cross-site scripting when user input is passed into the `itemTitle` parameter unmodified, as the package fails to properly sanitize or encode user input for that parameter. ## Recommendation This package is not actively…
- risk 0.45cvss 6.1epss 0.67
The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip()…
- risk 0.41cvss 6.3epss 0.00
Tada5hi sp-common v0.5.4 was discovered to contain a prototype pollution via the function mergeDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
- risk 0.40cvss 6.2epss 0.00
CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does…
- risk 0.40cvss 6.1epss 0.01
translate man before 2018-08-21 has XSS via containers/outputBox/outputBox.vue and store/index.js.
- risk 0.38cvss —epss —
## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wp3j-gv53-4pg8. This link is maintained to preserve external references. ## Original Description Affected versions of `fs-git` do not sanitize strings passed into the `buildCommand` method,…
- risk 0.35cvss 5.4epss 0.00
ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Versions of sanitize-html prior to 2.17.5 use `allowedSchemesAppliedToAttributes` (default: `['href', 'src', 'cite']`) to gate the…
- risk 0.35cvss 5.4epss 0.00
Inappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium security severity: Low)
- risk 0.35cvss 5.3epss 0.01
The FromDocToPDF extension before 13.611.13.2303 for Chrome allows remote attackers to discover visited web sites via vectors involving a mostVisitedSites command.
- risk 0.31cvss 4.8epss 0.00
Lumiverse is a full-featured AI chat application. Prior to 0.9.7, consumeNonce() only checks that the module-level variable is set and unexpired. It does not validate any value from the incoming HTTP request or bind the nonce to the admin's session. If the admin's…
- risk 0.31cvss 4.7epss 0.01
Cross Site Scripting (XSS) vulnerability in Advanced REST Client v.17.0.9 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function.
- risk 0.28cvss 4.3epss 0.00
A vulnerability was identified in debugmcp mcp-debugger up to 0.20.0. Impacted is the function handleGetSourceContext of the file src/server.ts. The manipulation leads to path traversal. The attack is possible to be carried out remotely. The exploit is publicly available and…
- risk 0.26cvss —epss 0.00
Affected versions of `ezseed-transmission` download and run a script over an HTTP connection. An attacker in a privileged network position could launch a Man-in-the-Middle attack and intercept the script, replacing it with malicious code, completely compromising the system…
- risk 0.26cvss —epss 0.02
All versions of the `bleach` package are vulnerable to a regular expression denial of service attack when certain types of input are passed into the sanitize function. ## Recommendation The `bleach` package is not currently maintained, and has not seen an update since 2014. …
- risk 0.26cvss —epss 0.01
All versions of the static file server module nhouston are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory. ## Recommendation It is recommended that a different module be used, as we have been unable…
- risk 0.20cvss 3.1epss 0.00
Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
- CVE-2014-125128Sep 8, 2025risk 0.00cvss —epss 0.00
'sanitize-html' prior to version 1.0.3 is vulnerable to Cross-site Scripting (XSS). The function 'naughtyHref' doesn't properly validate the hyperreference (`href`) attribute in anchor tags (``), allowing bypasses that contain different casings, whitespace characters, or…
- CVE-2023-26129May 27, 2023risk 0.00cvss —epss 0.01
All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. **Note:** To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to…
- CVE-2020-28455Jul 25, 2022risk 0.00cvss —epss 0.01
This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped.
- CVE-2020-28435Jul 25, 2022risk 0.00cvss —epss 0.01
This affects all versions of package ffmpeg-sdk. The injection point is located in line 9 in index.js.
- CVE-2022-25869Jul 15, 2022risk 0.00cvss —epss 0.05
All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements.
- CVE-2022-29244Jun 13, 2022risk 0.00cvss —epss 0.03
npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (ie. `--workspaces`, `--workspace=`). Anyone who has run `npm pack` or `npm publish` inside a workspace, as of v7.9.0 and v7.13.0 respectively,…
- CVE-2021-43616Nov 13, 2021risk 0.00cvss —epss 0.03
The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was…
- CVE-2021-39135Aug 31, 2021risk 0.00cvss —epss 0.01
`@npmcli/arborist`, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed…
- CVE-2021-39134Aug 31, 2021risk 0.00cvss —epss 0.01
`@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed…
- CVE-2021-23411Jul 21, 2021risk 0.00cvss —epss 0.01
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the main functionality. It accepts input that can result in the output (an anchor a tag) containing undesirable Javascript code that can be executed upon user interaction.
- CVE-2020-28448Dec 22, 2020risk 0.00cvss —epss 0.01
This affects the package multi-ini before 2.1.1. It is possible to pollute an object's prototype by specifying the proto object as part of an array.
- CVE-2020-28439Dec 11, 2020risk 0.00cvss —epss 0.02
This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the following PoC:
Page 1 of 2