188 matches found
DEBIAN-CVE-2023-26132
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in the /dottie.js file...
CVE-2023-26132
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in the /dottie.js file...
UBUNTU-CVE-2023-26132
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in the /dottie.js file...
Design/Logic Flaw
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in the /dottie.js file...
CVE-2023-26132
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in the /dottie.js file...
CVE-2023-26132
CVE-2023-26132 affects the Node.js package dottie. Affected component: dottie.js (set() function) within the dottie package. Vulnerable versions: all before 2.0.4. Root cause: Prototype Pollution due to insufficient input validation in set(), enabling property injection via the current variable. ...
CVE-2023-26132
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in the /dottie.js file...
PT-2023-20511
Name of the Vulnerable Software and Affected Versions dottie versions prior to 2.0.4 Description The issue is related to Prototype Pollution due to insufficient checks. It can be exploited via the set function and the current variable in the /dottie.js file. Recommendations For versions prior to...
CVE-2023-2987
The Wordapp plugin for WordPress is vulnerable to authorization bypass due to an use of insufficiently unique cryptographic signature on the 'wapdxopconfigset' function in versions up to, and including, 1.5.0. This makes it possible for unauthenticated attackers to the plugin to change the...
PT-2023-22361 · H3C · H3C Gr-1200W
Name of the Vulnerable Software and Affected Versions: H3C GR-1200W version MiniGRW1A0V100R006 Description: A stack overflow issue was discovered via the function version set. Recommendations: For H3C GR-1200W version MiniGRW1A0V100R006, as a temporary workaround, consider disabling the version s...
H3C GR-1200W 缓冲区错误漏洞
The H3C GR-1200W is a Gigabit Enterprise Wireless Router from China's Xinhua San H3C. A security vulnerability exists in the H3C GR-1200W MiniGRW1A0V100R006 version, which stems from the discovery of a contained stack overflow vulnerability via the function versionset...
CVE-2023-26976
Tenda AC6 v15.03.05.09multi was discovered to contain a stack overflow via the ssid parameter in the formfastsettingwifiset function...
dot-lens vulnerable to Prototype Pollution
All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...
GHSA-RMHG-2CVV-Q7VX dot-lens vulnerable to Prototype Pollution
All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...
CVE-2023-26106
All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...
CVE-2023-26106
All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...
CVE-2023-26106
All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...
dot-lens 安全漏洞
dot-lens is a JavaScript library. A security vulnerability exists in dot-lens that stems from prototype contamination of the set function in the index.js file...
PT-2023-20493 · Dot-Lens · Dot-Lens
Name of the Vulnerable Software and Affected Versions: dot-lens versions all Description: The issue concerns Prototype Pollution via the set function in the index.js file. This affects all versions of the dot-lens package. There is no information provided about the estimated number of potentially...
Prototype Pollution
Overview dottie is a Fast and safe nested object access and manipulation in JavaScript Affected versions of this package are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in the /dottie.js file. PoC javascript var dottie =...