CWE-506 — Embedded Malicious Code
56 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-506 (page 1 of 2)
- CVE-2017-16044 | HIGH | CVSS 7.5 | 2018-06-04
`d3.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16045 | HIGH | CVSS 7.5 | 2018-06-04
`jquery.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16046 | HIGH | CVSS 7.5 | 2018-06-04
`mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16047 | HIGH | CVSS 7.5 | 2018-05-29
mysqljs was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16048 | HIGH | CVSS 7.5 | 2018-06-04
`node-sqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16049 | HIGH | CVSS 7.5 | 2018-06-04
`nodesqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16050 | HIGH | CVSS 7.5 | 2018-06-04
`sqlite.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16051 | HIGH | CVSS 7.5 | 2018-06-04
`sqliter` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16052 | HIGH | CVSS 7.5 | 2018-06-04
`node-fabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16053 | HIGH | CVSS 7.5 | 2018-06-04
`fabric-js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16054 | HIGH | CVSS 7.5 | 2018-06-04
`nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16055 | HIGH | CVSS 7.5 | 2018-06-04
`sqlserver` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16056 | HIGH | CVSS 7.5 | 2018-06-07
mssql.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16057 | HIGH | CVSS 7.5 | 2018-06-07
nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16058 | HIGH | CVSS 7.5 | 2018-06-07
gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16059 | HIGH | CVSS 7.5 | 2018-06-07
mssql-node was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16060 | HIGH | CVSS 7.5 | 2018-06-07
babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16061 | HIGH | CVSS 7.5 | 2018-05-29
tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16062 | HIGH | CVSS 7.5 | 2018-05-29
node-tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16063 | HIGH | CVSS 7.5 | 2018-06-07
node-opensl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16064 | HIGH | CVSS 7.5 | 2018-06-07
node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16065 | HIGH | CVSS 7.5 | 2018-06-07
openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16066 | HIGH | CVSS 7.5 | 2018-06-07
opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16067 | HIGH | CVSS 7.5 | 2018-06-07
node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16068 | HIGH | CVSS 7.5 | 2018-06-07
ffmepg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16069 | HIGH | CVSS 7.5 | 2018-06-07
nodeffmpeg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16070 | HIGH | CVSS 7.5 | 2018-06-07
nodecaffe was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16071 | HIGH | CVSS 7.5 | 2018-06-07
nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16072 | HIGH | CVSS 7.5 | 2018-06-07
nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16073 | HIGH | CVSS 7.5 | 2018-06-07
noderequest was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16074 | HIGH | CVSS 7.5 | 2018-06-07
crossenv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16075 | HIGH | CVSS 7.5 | 2018-06-07
http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16076 | HIGH | CVSS 7.5 | 2018-06-07
proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16077 | HIGH | CVSS 7.5 | 2018-06-07
mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16078 | HIGH | CVSS 7.5 | 2018-06-07
shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16079 | HIGH | CVSS 7.5 | 2018-06-07
smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16080 | HIGH | CVSS 7.5 | 2018-06-07
nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16081 | HIGH | CVSS 7.5 | 2018-06-07
cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16128 | CRITICAL | CVSS 9.8 | 2018-06-07
The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry.
- CVE-2017-16202 | HIGH | CVSS 7.5 | 2018-06-07
The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- CVE-2017-16203 | HIGH | CVSS 7.5 | 2018-06-07
The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- CVE-2017-16204 | HIGH | CVSS 7.5 | 2018-06-07
The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- CVE-2017-16205 | HIGH | CVSS 7.5 | 2018-06-07
The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- CVE-2017-16207 | HIGH | CVSS 7.3 | 2018-06-07
discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin.
- CVE-2019-19771 | HIGH | CVSS 8.8 | EG 8.8 | 2019-12-12
The lodahs package 0.0.1 for Node.js is a Trojan horse, and may have been installed by persons who mistyped the lodash package name. In particular, the Trojan horse finds and exfiltrates cryptocurrency wallets.
- CVE-2020-15165 | CRITICAL | CVSS 9.3 | EG 9.3 | 2020-08-28
Version 1.1.6-free of Chameleon Mini Live Debugger on Google Play Store may have had its sources or permissions tampered with by a malicious actor. The official maintainer of the package is recommending all users upgrade to v1.1.8 as soon as p…
- CVE-2021-22884 | HIGH | CVSS 7.5 | EG 7.5 | 2021-03-03
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via…
- CVE-2021-22887 | LOW | CVSS 2.3 | EG 2.3 | 2021-03-16
A vulnerability in the BIOS of Pulse Secure (PSA-Series Hardware) models PSA5000 and PSA7000 could allow an attacker to compromise BIOS firmware. This vulnerability can be exploited only as part of an attack chain. Before an attacker can c…
- CVE-2021-26857 | HIGH | CVSS 7.8 | EG 9.0 | ⚠ KEV | 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2023-2003 | CRITICAL | CVSS 9.1 | EG 9.1 | 2023-07-13
Embedded malicious code vulnerability in Vision1210, in the build 5 of operating system version 4.3, which could allow a remote attacker to store base64-encoded malicious code in the device's data tables via the PCOM protocol, which can th…