188 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-26132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in t...
radashi Allows Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Impact This is a prototype pollution vulnerability. It impacts users of the set function within the Radashi library. If an attacker can control parts of the path argument to the set function, they could potentially modify the prototype of all objects in the JavaScript runtime, leading to unexpect...
GHSA-2XV9-GHH9-XC69 radashi Allows Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Impact This is a prototype pollution vulnerability. It impacts users of the set function within the Radashi library. If an attacker can control parts of the path argument to the set function, they could potentially modify the prototype of all objects in the JavaScript runtime, leading to unexpect...
CVE-2025-48054 Radashi Vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Radashi is a TypeScript utility toolkit. Prior to version 12.5.1, the set function within the Radashi library is vulnerable to prototype pollution. If an attacker can control parts of the path argument to the set function, they could potentially modify the prototype of all objects in the JavaScri...
Radashi Security Vulnerability
Radashi is a modern, community-first TypeScript toolkit open-sourced by Radashi. A security vulnerability exists in Radashi versions prior to 12.5.1 that stems from the set function being vulnerable to prototype contamination attacks...
PT-2025-22857 · Netcore · Netcore Nbr100V2 +6
Name of the Vulnerable Software and Affected Versions: Netcore NBR1005GPEV2 versions up to 20250508 Netcore B6V2 versions up to 20250508 Netcore COVER5 versions up to 20250508 Netcore NAP830 versions up to 20250508 Netcore NAP930 versions up to 20250508 Netcore NBR100V2 versions up to 20250508...
CVE-2023-26106
All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...
CVE-2023-26132
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in the /dottie.js file...
CVE-2022-45654
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function...
SUSE CVE-2023-52983
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bic_set_bfqq() After commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'"), bic->bfqq will be accessed in bic_set_bfqq(), however, in some context bic->bfqq will be freed, and bic_set_bfqq() is calle...
The vulnerability of the form_fast_setting_wifi_set function in the microprogramming software for Tenda AC18 allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the form_fast_setting_wifi_set function in the Tenda AC18 router’s microprogramming software is related to buffer overflow during the processing of the ssid parameter. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...
PT-2024-35418 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.1041 B20240224 Description: The issue arises from the use of the Uci Set function without strict parameter filtering in the shttpd file. This allows an attacker to achieve arbitrary command execution by...
The vulnerability of the kvm_set_cpuid function in the include/linux/slab.h library of the KVM virtualization subsystem in the Linux operating system allows a hacker to induce a service failure.
The vulnerability of the kvm_set_cpuid function in the include/linux/slab.h library of the KVM virtualization subsystem in the Linux kernel is related to improper release of the kvm_cpuid_entry2 array. Exploiting this vulnerability can allow an attacker to cause a system failure...
Race condition vulnerability in Linux kernel bluetooth sniff_{min,max}_interval_set()
...
OESA-2024-1808 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: adts_decode_extradata in...
Prototype Pollution
@cahil/utils is vulnerable to Prototype Pollution. The vulnerability is due to missing checks in the set function, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties...
PT-2024-28324 · Unknown · Cahil/Utils
Name of the Vulnerable Software and Affected Versions: cahil/utils version 2.3.2 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties using the set function. This is a result of prototype pollution in the cahil/utils...
The vulnerability of the svm_set_x2apic_msr_interception() function in the arch/x86/kvm/svm/svm.c module of the KVM subsystem in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the svm_set_x2apic_msr_interception function in the arch/x86/kvm/svm/svm.c module of the KVM subsystem in the Linux operating system is related to an incorrect sequence of operations when switching to the xapic working mode. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the `fw_set_parms()` function in the `net/sched/cls_fw.c` module of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information, thereby enhancing their privileges.
The vulnerability of the fw_set_parms function in the net/sched/cls_fw.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
GHSA-4GXF-G5GF-22H4 dottie vulnerable to Prototype Pollution
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in the /dottie.js file...