Total
66 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22887 | 2 Pulsesecure, Supermicro | 24 Psa-5000, Psa-5000 Firmware, Psa-7000 and 21 more | 2024-11-21 | 2.3 Low |
| A vulnerability in the BIOS of Pulse Secure (PSA-Series Hardware) models PSA5000 and PSA7000 could allow an attacker to compromise BIOS firmware. This vulnerability can be exploited only as part of an attack chain. Before an attacker can compromise the BIOS, they must exploit the device. | ||||
| CVE-2020-15165 | 1 Chameleon Mini Live Debugger Project | 1 Chameleon Mini Live Debugger | 2024-11-21 | 9.3 Critical |
| Version 1.1.6-free of Chameleon Mini Live Debugger on Google Play Store may have had it's sources or permissions tampered by a malicious actor. The official maintainer of the package is recommending all users upgrade to v1.1.8 as soon as possible. For more information, review the referenced GitHub Security Advisory. | ||||
| CVE-2017-16207 | 1 Discordi.js Project | 1 Discordi.js | 2024-11-21 | N/A |
| discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin. | ||||
| CVE-2017-16205 | 1 Coffescript Project | 1 Coffescript | 2024-11-21 | N/A |
| The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | ||||
| CVE-2017-16204 | 1 Jquey Project | 1 Jquey | 2024-11-21 | N/A |
| The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | ||||
| CVE-2017-16203 | 1 Coffescript Project | 1 Coffescript | 2024-11-21 | N/A |
| The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | ||||
| CVE-2017-16202 | 1 Cofeescript Project | 1 Cofeescript | 2024-11-21 | N/A |
| The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | ||||
| CVE-2017-16128 | 1 Npm-script-demo Project | 1 Npm-script-demo | 2024-11-21 | N/A |
| The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry. | ||||
| CVE-2017-16081 | 1 Cross-env.js Project | 1 Cross-env.js | 2024-11-21 | N/A |
| cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16080 | 1 Nodesass Project | 1 Nodesass | 2024-11-21 | N/A |
| nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16079 | 1 Smb Project | 1 Smb | 2024-11-21 | N/A |
| smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16078 | 1 Shadowsock Project | 1 Shadowsock | 2024-11-21 | N/A |
| shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16077 | 1 Mongose Project | 1 Mongose | 2024-11-21 | N/A |
| mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16076 | 1 Proxy.js Project | 1 Proxy.js | 2024-11-21 | N/A |
| proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16075 | 1 Http-proxy.js Project | 1 Http-proxy.js | 2024-11-21 | N/A |
| http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16074 | 1 Crossenv Project | 1 Crossenv | 2024-11-21 | N/A |
| crossenv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16073 | 1 Noderequest Project | 1 Noderequest | 2024-11-21 | N/A |
| noderequest was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16072 | 1 Nodemailer.js Project | 1 Nodemailer.js | 2024-11-21 | N/A |
| nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16071 | 1 Nodemailer-js Project | 1 Nodemailer-js | 2024-11-21 | N/A |
| nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16070 | 1 Nodecaffe Project | 1 Nodecaffe | 2024-11-21 | N/A |
| nodecaffe was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||