The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Node.js Modules ~ not comprehensive

Node.js panellum: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js panellum, in order to run JavaScript code in the context of the web site...
NPM-1418, VIGILANCE-VUL-31037
Node.js iobroker.admin: directory traversal
An attacker can traverse directories of Node.js iobroker.admin, in order to create a file outside the service root path...
NPM-1346, VIGILANCE-VUL-31012
Node.js iobroker.web: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js iobroker.web, in order to run JavaScript code in the context of the web site...
NPM-1345, VIGILANCE-VUL-31011
Node.js Angular: privilege escalation via Prototype Pollution
An attacker can bypass restrictions via Prototype Pollution of Node.js Angular, in order to escalate his privileges...
NPM-1343, VIGILANCE-VUL-30934
Node.js handlebars: two vulnerabilities
An attacker can use several vulnerabilities of Node.js handlebars...
NPM-1324, NPM-1325, VIGILANCE-VUL-30918
Node.js handlebars: code execution via Lookup Helper
An attacker can use a vulnerability via Lookup Helper of Node.js handlebars, in order to run code...
NPM-1316, VIGILANCE-VUL-30892
Node.js strapi: privilege escalation via Password Reset
An attacker can bypass restrictions via Password Reset of Node.js strapi, in order to escalate his privileges...
NPM-1311, VIGILANCE-VUL-30835
Node.js express-fileupload: denial of service
An attacker can trigger a fatal error of Node.js express-fileupload, in order to trigger a denial of service...
NPM-1216, VIGILANCE-VUL-30707
Node.js hexo-admin: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js hexo-admin, in order to run JavaScript code in the context of the web site...
CVE-2019-17606, NPM-1211, VIGILANCE-VUL-30706
Node.js dompurify: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js dompurify, in order to run JavaScript code in the context of the web site...
NPM-1223, VIGILANCE-VUL-30692
Our database contains other pages. You can request a free trial to read them.

Display information about Node.js Modules ~ not comprehensive: