Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
C Information Exposure Through Log Files	@valtimo/components <10.8.4 >=11.0.0 <11.1.6 >=11.2.0 <11.2.2	npm	14 May 2024
M Unrestricted Upload of File with Dangerous Type	nocodb >=0.202.6 <0.202.10	npm	14 May 2024
M Information Exposure	directus <10.11.0	npm	14 May 2024
H Cross-site Scripting (XSS)	nocodb <0.202.9	npm	14 May 2024
M Insufficient Session Expiration	directus >=10.10.0 <10.11.0	npm	14 May 2024
M SQL Injection	nocodb <0.202.10	npm	14 May 2024
H Inefficient Regular Expression Complexity	micromatch *	npm	13 May 2024
H Uncontrolled resource consumption	braces *	npm	13 May 2024
M Improper Input Validation	swagger-client <3.27.5	npm	13 May 2024
C Malicious Package	by-dynamic-domain *	npm	13 May 2024
C Malicious Package	by-fetch *	npm	13 May 2024
C Malicious Package	qaqazzaaa *	npm	13 May 2024
C Malicious Package	by-logger *	npm	13 May 2024
C Malicious Package	@asdfvr/qaqazzaaa *	npm	13 May 2024
C Malicious Package	encodelen *	npm	13 May 2024
C Malicious Package	input-fns *	npm	13 May 2024
C Malicious Package	discord-datas *	npm	13 May 2024
H Use After Free	electron <29.3.3	npm	12 May 2024
M Information Exposure	thelounge *	npm	10 May 2024
C Malicious Package	@content-platform/fadam-module *	npm	10 May 2024
C Malicious Package	fadam-module *	npm	10 May 2024
C Malicious Package	@content-platform/shared *	npm	10 May 2024
M Server-Side Request Forgery (SSRF)	next >=13.4.0 <14.1.1	npm	10 May 2024
H HTTP Request Smuggling	next >=13.4.0 <13.5.1	npm	10 May 2024
H XML External Entity (XXE) Injection	@cyclonedx/cyclonedx-library <6.7.1	npm	9 May 2024
H Use After Free	electron <29.3.3	npm	9 May 2024
M Server-side Request Forgery (SSRF)	swagger-ui-express <4.3.0	npm	9 May 2024
M Server-side Request Forgery (SSRF)	swagger-ui-express <4.3.0	npm	9 May 2024
C Malicious Package	ing-feat-grants-management *	npm	9 May 2024
C Malicious Package	@assistedtax/demo *	npm	9 May 2024

APPLICATION

OPERATING SYSTEM