The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Nodejs Modules ~ not comprehensive

Node.js aedes: privilege escalation
An attacker can bypass restrictions of Node.js aedes, in order to escalate his privileges...
VIGILANCE-VUL-26948
Node.js njwt: out-of-bounds memory reading
An attacker can force a read at an invalid address of Node.js njwt, in order to trigger a denial of service, or to obtain sensitive information...
VIGILANCE-VUL-26905
Node.js url-parse: open redirect
An attacker can deceive the user of Node.js url-parse, in order to redirect him to a malicious site...
VIGILANCE-VUL-26904
Node.js express-cart: directory traversal
An attacker can traverse directories of Node.js express-cart, in order to read a file outside the service root path...
CVE-2018-3758, VIGILANCE-VUL-26862
Node.js macaddress: code execution
An attacker can use a vulnerability of Node.js macaddress, in order to run code...
CVE-2018-13797, VIGILANCE-VUL-26686
Node.js unzipper: directory traversal
An attacker can traverse directories of Node.js unzipper, in order to create a file outside the service root path. This vulnerability is a member of the Zip Slip family (VIGILANCE-VUL-26357)...
CVE-2018-1002203, VIGILANCE-VUL-26401
Node.js adm-zip: directory traversal
An attacker can traverse directories of Node.js adm-zip, in order to create a file outside the service root path. This vulnerability is a member of the Zip Slip family (VIGILANCE-VUL-26357)...
CVE-2018-1002204, VIGILANCE-VUL-26400
Node.js serve: file reading
A local attacker can read a file of Node.js serve, in order to obtain sensitive information...
VIGILANCE-VUL-26312
Node.js sexstatic: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js sexstatic, in order to run JavaScript code in the context of the web site...
VIGILANCE-VUL-26311
Node.js pdf-image: code execution via pdfFilePath
An attacker can use a vulnerability via pdfFilePath of Node.js pdf-image, in order to run code...
CVE-2018-3757, VIGILANCE-VUL-26310
Our database contains other pages. You can request a free trial to read them.

Display information about Nodejs Modules ~ not comprehensive: