188 matches found
Prototype Pollution
eivindfjeldstad-dot is vulnerable to prototype pollution. The vulnerability exists as the set function can be tricked into adding or modifying properties of Object.prototype...
Design/Logic Flaw
eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution. The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload...
CVE-2020-7639
eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution. The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload...
Prototype Pollution
Overview: sds is a structured data search package. Affected versions of this package are vulnerable to Prototype Pollution. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. PoC: var root = require("sds"); var...
Prototype Pollution
Overview: Versions of dot-prop before 4.2.1 or 5.1.1 are vulnerable to prototype pollution. The function set does not restrict the modification of an Object's prototype, which may allow an attacker to add or modify an existing property that will exist on all objects. Recommendation: Upgrade to...
The vulnerability of Samba software allows a remote attacker to compromise the confidentiality and integrity of protected information.
A vulnerability exists in the ownerset function in smbcacls.c within smbcacls in Samba, due to the deletion of the access control list when the --chown or --chgrp parameter is used. Exploiting this vulnerability allows malicious actors to circumvent access restrictions by making unauthorized...
CVE-2013-2832
CVE-2013-2832 affects Google Chrome OS before 26.0.1410.57, specifically the O3D plug-in’s Buffer::Set in core/cross/buffer.cc, where uninitialized data could remain in a buffer and allow remote attackers to obtain sensitive information via unspecified vectors. The fix was delivered in Chrome OS ...
CVE-2013-2832
The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in Google Chrome OS before 26.0.1410.57 does not prevent uninitialized data from remaining in a buffer, which might allow remote attackers to obtain sensitive information via unspecified vectors...