Total
49 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-16054 | 1 Nodefabric Project | 1 Nodefabric | 2024-09-16 | N/A |
| `nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16050 | 1 Sqlite.js Project | 1 Sqlite.js | 2024-09-16 | N/A |
| `sqlite.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16047 | 1 Mysqljs Project | 1 Mysqljs | 2024-09-16 | N/A |
| mysqljs was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16046 | 1 Mariadb | 1 Mariadb | 2024-09-16 | 7.5 High |
| `mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16128 | 1 Npm-script-demo Project | 1 Npm-script-demo | 2024-09-16 | N/A |
| The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry. | ||||
| CVE-2017-16075 | 1 Http-proxy.js Project | 1 Http-proxy.js | 2024-09-16 | N/A |
| http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16205 | 1 Coffescript Project | 1 Coffescript | 2024-09-16 | N/A |
| The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | ||||
| CVE-2017-16058 | 1 Gruntcli Project | 1 Gruntcli | 2024-09-16 | N/A |
| gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16078 | 1 Shadowsock Project | 1 Shadowsock | 2024-09-16 | N/A |
| shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16061 | 1 Tkinter Package | 1 Tkinter | 2024-09-16 | N/A |
| tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16048 | 1 Node-sqlite Project | 1 Node-sqlite | 2024-09-16 | N/A |
| `node-sqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16203 | 1 Coffescript Project | 1 Coffescript | 2024-09-16 | N/A |
| The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | ||||
| CVE-2017-16045 | 1 Jquery.js Project | 1 Jquery.js | 2024-09-16 | N/A |
| `jquery.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16073 | 1 Noderequest Project | 1 Noderequest | 2024-09-16 | N/A |
| noderequest was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16080 | 1 Nodesass Project | 1 Nodesass | 2024-09-16 | N/A |
| nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16063 | 1 Node-opensl Project | 1 Node-opensl | 2024-09-16 | N/A |
| node-opensl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16072 | 1 Nodemailer.js Project | 1 Nodemailer.js | 2024-09-16 | N/A |
| nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16062 | 1 Node-tkinter Project | 1 Node-tkinter | 2024-09-16 | 7.5 High |
| node-tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16079 | 1 Smb Project | 1 Smb | 2024-09-16 | N/A |
| smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16067 | 1 Node-opencv Project | 1 Node-opencv | 2024-09-16 | N/A |
| node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||