Hackerone Latest High Vulnerabilities

Denial of Service Vulnerability in airMAX and EdgeMAX Products by Ubiquiti Networks

CVE-2017-0938

HackeroneAirmax, Edgemax7.5HIGH

Path Traversal Vulnerability in HTTP Live Simulator by N/A

CVE-2018-16479

HackeroneHttp-live-simulator7.5HIGH

Server Directory Traversal Vulnerability in mcstatic Module by Node.js

CVE-2018-16482

HackeroneMcstatic7.5HIGH

Access Control Flaw in Express Cart Affects Unprivileged User Privileges

CVE-2018-16483

HackeroneExpress-cart8.8HIGH

Prototype Pollution Vulnerability in Defaults-Deep Library by NPM

CVE-2018-16486

HackeroneDefaults-deep9.8CRITICAL

Prototype Pollution Vulnerability in Just-Extend by Just-Extend

CVE-2018-16489

HackeroneJust-extend9.8CRITICAL

Prototype Pollution Vulnerability in mpath Module by Unknown Vendor

CVE-2018-16490

HackeroneMpath7.5HIGH

Prototype Pollution Vulnerability in Node.extend by NodeJS

CVE-2018-16491

HackeroneNode.extend9.8CRITICAL

Prototype Pollution Vulnerability in 'extend' Module by Vendor

CVE-2018-16492

HackeroneExtend👾🟡9.8CRITICAL

Path Traversal Vulnerability in Static Resource Server by Vendor

CVE-2018-16493

HackeroneStatic-resource-server7.5HIGH

Prototype Pollution Vulnerability in Merge Package by VisionMedia

CVE-2018-16469

HackeroneMerge7.5HIGH

Path Traversal Vulnerability in SimpleHTTPServer by SimpleHTTPServer Inc.

CVE-2018-3787

HackeroneSimplehttpserver7.5HIGH

Improper Authentication in Nextcloud Server by Nextcloud

CVE-2018-3775

HackeroneNextcloud Server8.8HIGH

Remote Code Execution Vulnerability in ActiveSupport Ruby Gem from Ruby

CVE-2018-3779

HackeroneActive-support Ruby Gem9.8CRITICAL

Information Leak Vulnerability in Sprockets by Rails

CVE-2018-3760

HackeroneSprockets👾🟡EPSS 93%7.5HIGH

Unrestricted File Upload Vulnerability in Express-Cart by Artisans

CVE-2018-3758

HackeroneExpress-cart8.8HIGH

Malicious npm Module Hijacks Environment Variables in Node.js Application

CVE-2017-16056

HackeroneMssql.js Node Module7.5HIGH

Malicious Node.js Module Affects npm Environment Variables

CVE-2017-16057

HackeroneNodemssql Node Module7.5HIGH

Malicious Module Exploit in Grunt CLI by npm

CVE-2017-16058

HackeroneGruntcli Node Module7.5HIGH

Malicious Module Hijacking Environment Variables in Babel CLI by npm

CVE-2017-16060

HackeroneBabelcli Node Module7.5HIGH

Malicious Node.js Module Exploits Environment Variables in OpenSSL by Node.js

CVE-2017-16064

HackeroneNode-OpenSSL Node Module7.5HIGH

Environment Variable Hijacking Vulnerability in openssl.js from npm

CVE-2017-16065

HackeroneOpenSSL.js Node Module7.5HIGH

Malicious Module in OpenCV.js Affects Node.js Applications

CVE-2017-16066

HackeroneOpencv.js Node Module7.5HIGH

Environment Variable Hijacking in Node-OpenCV by NPM

CVE-2017-16067

HackeroneNode-opencv Node Module7.5HIGH

Environment Variable Hijacking Vulnerability in ffmpeg Module by NPM

CVE-2017-16068

HackeroneFfmepg Node Module7.5HIGH

hackerone Latest High & Critical Vulnerabilities

Vulnerability Published:

Sort By:

6 February 2019

Denial of Service Vulnerability in airMAX and EdgeMAX Products by Ubiquiti Networks

1 February 2019

Path Traversal Vulnerability in HTTP Live Simulator by N/A

Server Directory Traversal Vulnerability in mcstatic Module by Node.js

Access Control Flaw in Express Cart Affects Unprivileged User Privileges

Prototype Pollution Vulnerability in Defaults-Deep Library by NPM

Prototype Pollution Vulnerability in Just-Extend by Just-Extend

Prototype Pollution Vulnerability in mpath Module by Unknown Vendor

Prototype Pollution Vulnerability in Node.extend by NodeJS

Prototype Pollution Vulnerability in 'extend' Module by Vendor

Path Traversal Vulnerability in Static Resource Server by Vendor

30 October 2018

Prototype Pollution Vulnerability in Merge Package by VisionMedia

31 August 2018

Path Traversal Vulnerability in SimpleHTTPServer by SimpleHTTPServer Inc.

12 August 2018

Improper Authentication in Nextcloud Server by Nextcloud

10 August 2018

Remote Code Execution Vulnerability in ActiveSupport Ruby Gem from Ruby

26 June 2018

Information Leak Vulnerability in Sprockets by Rails

7 June 2018

Unrestricted File Upload Vulnerability in Express-Cart by Artisans

Malicious npm Module Hijacks Environment Variables in Node.js Application

Malicious Node.js Module Affects npm Environment Variables

Malicious Module Exploit in Grunt CLI by npm

Malicious Module Hijacking Environment Variables in Babel CLI by npm

Malicious Node.js Module Exploits Environment Variables in OpenSSL by Node.js

Environment Variable Hijacking Vulnerability in openssl.js from npm

Malicious Module in OpenCV.js Affects Node.js Applications

Environment Variable Hijacking in Node-OpenCV by NPM

Environment Variable Hijacking Vulnerability in ffmpeg Module by NPM