Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2017-16060

    babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : babelcli
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16059

    mssql-node was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : mssql-node
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16058

    gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : gruntcli
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16057

    nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : nodemssql
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16056

    mssql.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : mssql.js
    • Published: Jun. 07, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16055

    `sqlserver` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : sqlserver
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16054

    `nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : nodefabric
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16053

    `fabric-js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : fabric-js
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16052

    `node-fabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : node-fabric
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16051

    `sqliter` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : sqliter
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16050

    `sqlite.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : sqlite.js
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16049

    `nodesqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : nodesqlite
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16048

    `node-sqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : node-sqlite
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16047

    mysqljs was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : mysqljs
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16046

    `mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : mariadb
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16045

    `jquery.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : jquery.js
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-16044

    `d3.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.... Read more

    Affected Products : d3.js
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-16043

    Shout is an IRC client. Because the `/topic` command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser. Affects shout >=0.44.0 <=0.49.3.... Read more

    Affected Products : shout
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-16042

    Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.... Read more

    Affected Products : growl
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2017-16041

    ikst versions before 1.1.2 download resources over HTTP, which leaves it vulnerable to MITM attacks.... Read more

    Affected Products : ikst
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292846 Results