node-simple-router is a minimalistic router for Node. node-simple-router is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. Date published : 2018-06-06 https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/node-simple-router https://nodesecurity.io/advisories/352
A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be...
cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/520
nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/519
smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/518
shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/517
mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/516
proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/515
http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/514
crossenv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/513
noderequest was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/512
nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/511
nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/510
nodecaffe was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Date published : 2018-06-06 https://nodesecurity.io/advisories/509