12 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-16469
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The merge.recursive function in the merge package 1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be...
CVE-2022-28644
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Adobe Experience Manager 6.1 < 6.3.3.7 / 6.4 < 6.4.7.0 / 6.5 < 6.5.3.0 Multiple Vulnerabilities (APSB20-01)
The version of Adobe Experience Manager installed on the remote host is 6.1.x less than 6.3.3.7, 6.4.x less than 6.4.7.0, or 6.5.x less than 6.5.4.0. It is, therefore, affected by multiple vulnerabilities that could lead to sensitive information disclosure, as referenced in the APSB20-01 advisory...
Prototype Pollution
merge is vulnerable to prototype pollution. A bypass of the fix for CVE-2018-16469 exists and allows arbitrary properties of the Object prototype to be added or modified via JSON.parse...
CVE-2019-16469
Adobe Experience Manager (AEM) is affected by an expression language injection vulnerability (CVE-2019-16469) across AEM 6.0–6.5. The Nuclei template corroborates the affected versions and states successful exploitation could lead to sensitive information disclosure. Root cause: expression langua...
CVE-2017-16469
...
CVE-2017-16469
CVE-2017-16469 is rejected/not used; this CVE ID does not represent an active vulnerability entry.
@blackbaud/skyux-deploy (>=1.0.0 <=1.4.0), @cysonius/json-utils (>=0.0.1 <=0.0.5) +355 more potentially affected by CVE-2018-16469 via merge (>=1.0.0 <=1.2.0)
merge NPM version =1.0.0, =1.0.0, =0.0.1, =0.0.2, =0.0.12, =1.0.0, =0.0.1, =0.0.1, =0.1.0, =0.52.0-typescript3-1, =0.52.0-src-build, =1.2.0, =1.2.4 and more Source cves: CVE-2018-16469 Source advisory: OSV:GHSA-F9CM-QMX5-M98H...
CVE-2018-16469
The merge.recursive function in the merge package 1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects allowing for a denial of service attack...
CVE-2018-16469
The merge.recursive function in the merge package 1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects allowing for a denial of service attack...
CVE-2018-16469
The merge.recursive function in the merge package 1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects allowing for a denial of service attack...
CVE-2018-16469
CVE-2018-16469 affects the merge package before version 1.2.1. The vulnerability arises in the merge.recursive function, which can be tricked into adding or modifying properties of Object.prototype. These polluted properties become present on all objects, potentially enabling a denial-of-service ...