CWE-506: Embedded Malicious Code
85 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-506 (page 1 of 2)
- CVE-2017-16044 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-04
`d3.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16045 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-04
`jquery.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16046 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-04
`mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16047 | HIGH | CVSS 7.5 | EG 7.5 | 2018-05-29
mysqljs was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16048 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-04
`node-sqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16049 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-04
`nodesqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16050 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-04
`sqlite.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16051 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-04
`sqliter` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16052 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-04
`node-fabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16053 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-04
`fabric-js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16054 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-04
`nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16055 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-04
`sqlserver` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16056 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
mssql.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16057 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16058 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16059 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
mssql-node was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16060 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16061 | HIGH | CVSS 7.5 | EG 7.5 | 2018-05-29
tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16062 | HIGH | CVSS 7.5 | EG 7.5 | 2018-05-29
node-tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16063 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
node-opensl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16064 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16065 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16066 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16067 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16068 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
ffmepg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16069 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
nodeffmpeg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16070 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
nodecaffe was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16071 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16072 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16073 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
noderequest was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16074 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
crossenv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16075 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16076 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16077 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16078 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16079 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16080 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16081 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- CVE-2017-16128 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-06-07
The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry.
- CVE-2017-16202 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- CVE-2017-16203 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- CVE-2017-16204 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- CVE-2017-16205 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-07
The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- CVE-2017-16207 | HIGH | CVSS 7.3 | EG 7.3 | 2018-06-07
discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin.
- CVE-2017-20201 | CRITICAL | CVSS 9.3 | EG 0.0 | 2025-10-08
CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 (32-bit builds) contained a malicious pre-entry-point loader that diverts execution from __scrt_common_main_seh into a custom loader. That loader decodes an embedded blob into shellcode, al…
- CVE-2017-20202 | CRITICAL | CVSS 9.3 | EG 0.0 | 2025-10-08
Web Developer for Chrome v0.4.9 contained malicious code that generated a domain via a DGA and fetched a remote script. The fetched script conditionally loaded follow-on modules that performed extensive ad substitution and malvertising, di…
- CVE-2017-20203 | CRITICAL | CVSS 9.3 | EG 0.0 | 2025-10-09
NetSarang Xmanager Enterprise 5.0 Build 1232, Xmanager 5.0 Build 1045, Xshell 5.0 Build 1322, Xftp 5.0 Build 1218, and Xlpd 5.0 Build 1220 contain a malicious nssock2.dll that implements a multi-stage, DNS-based backdoor. The dormant li…
- CVE-2018-25117 | CRITICAL | CVSS 9.3 | EG 0.0 | 2025-10-15
VestaCP commit a3f0fa1 (2018-05-31) up to commit ee03eff (2018-06-13) contain embedded malicious code that resulted in a supply-chain compromise. New installations created from the compromised installer since at least May 2018 were subject…
- CVE-2019-19771 | HIGH | CVSS 8.8 | EG 8.8 | 2019-12-12
The lodahs package 0.0.1 for Node.js is a Trojan horse, and may have been installed by persons who mistyped the lodash package name. In particular, the Trojan horse finds and exfiltrates cryptocurrency wallets.
- CVE-2020-15165 | CRITICAL | CVSS 9.3 | EG 9.3 | 2020-08-28
Version 1.1.6-free of Chameleon Mini Live Debugger on Google Play Store may have had its sources or permissions tampered by a malicious actor. The official maintainer of the package is recommending all users upgrade to v1.1.8 as soon as p…