Lucene search
K

17 matches found

GithubExploit
GithubExploit
added 2025/12/04 8:4 a.m.415 views

Exploit for Prototype Pollution in Datatables Datatables.Net

CVE-2020-28458 Affected versions of this package are vulnerabl...

7.5CVSS7AI score0.0367EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/23 11:6 a.m.10 views

Security Bulletin: A Prototype Pollution vulnerability in jquery.dataTables affects IBM Tivoli Network Manager IP Edition (ITNM) (CVE-2020-28458)

Summary A Prototype Pollution vulnerability in jquery.dataTables was addressed in ITNM version 4.2 Fix Pack 23 4.2.0.23 Vulnerability Details CVEID:CVE-2020-28458 DESCRIPTION: All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for...

7.5CVSS6.6AI score0.0367EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/11/23 12:0 a.m.14 views

CBL Mariner 2.0 Security Update: reaper (CVE-2020-28458)

The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-28458 advisory. - All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for...

7.5CVSS6.2AI score0.0367EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2022/11/11 12:0 a.m.33 views

Tenable Nessus < 10.3.1 Multiple Vulnerabilities (TNS-2022-20)

Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...

9.8CVSS8.4AI score0.1593EPSS
Exploits9References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/24 6:55 a.m.77 views

Security Bulletin: Vulnerabilities in Apache and Node.js affect IBM Spectrum Protect Plus

Summary Vulnerabilities in Apache and Node.js such as execution of arbitrary code on the system, cross -site scripting, and bypassing security restrictions, may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2020-28458 DESCRIPTION: Node.js datatables.net module could allow a...

9CVSS1.5AI score0.9024EPSS
Exploits7Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/04/15 12:0 a.m.69 views

RHEL 8 : RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] security, (Moderate) (RHSA-2021:1169)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1169 advisory. The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as...

7.5CVSS7.3AI score0.0367EPSS
Exploits3References41
Tenable Nessus
Tenable Nessus
added 2021/04/15 12:0 a.m.49 views

RHEL 8 : RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] 0-day security, enhance (Moderate) (RHSA-2021:1186)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1186 advisory. The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as...

7.5CVSS6.4AI score0.0367EPSS
Exploits2References12
RedHat Linux
RedHat Linux
added 2021/04/14 4:34 p.m.90 views

Moderate: Red Hat Security Advisory: RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] security, bug fix, enhancement

An update is now available for Red Hat Virtualization Engine 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.5CVSS7.3AI score0.0367EPSS
Exploits3References35
RedHat Linux
RedHat Linux
added 2021/04/14 4:34 p.m.81 views

Moderate: Red Hat Security Advisory: RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] 0-day security, bug fix, enhance

An update for org.ovirt.engine-root, ovirt-engine-ui-extensions, and ovirt-web-ui is now available for Red Hat Virtualization Engine 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

7.5CVSS6.5AI score0.0367EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2021/04/14 11:41 a.m.77 views

Moderate: Red Hat Security Advisory: RHV RHEL Host (ovirt-host) 4.4.z [ovirt-4.4.5] security, bug fix, enhancement

Updated host packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.4AI score0.0367EPSS
Exploits2References17
Tenable Nessus
Tenable Nessus
added 2021/04/14 12:0 a.m.81 views

RHEL 8 : RHV Host (ovirt-host) 4.4.z security, (Moderate) (RHSA-2021:1184)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:1184 advisory. The ovirt-hosted-engine-setup package provides a self-hosted engine tool for the Red Hat Virtualization Manager. A self-hosted engine is a virtualize...

7.5CVSS6.3AI score0.0367EPSS
Exploits2References20
vulnersOsv
vulnersOsv
added 2020/12/17 9:0 p.m.9 views

@coreui/coreui-datatables (=1.0.0), @daai/sb-decloud (>=1.0.0 <=1.0.11) +38 more potentially affected by CVE-2020-28458 via datatables.net (>=1.10.12 <=1.10.21)

datatables.net NPM version =1.10.12, =1.0.0, =1.0.0, =3.0.0, =1.1.1, =0.0.1, =1.0.2, =1.0.0, =1.0.0, =0.0.0, =0.1.56, =0.2.151 and more Source cves: CVE-2020-28458 Source advisory: OSV:GHSA-M7J4-FHG6-XF5V...

7.5CVSS6.7AI score0.0367EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2020/12/16 5:53 p.m.50 views

CVE-2020-28458

All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806...

7.5CVSS2.7AI score0.0367EPSS
Exploits2References4
Circl
Circl
added 2020/12/16 3:25 p.m.7 views

CVE-2020-28458

creationtimestamp| type| source ---|---|--- 2020-12-16 15:25:18+00:00| seen| https://t.me/cibsecurity/20904 2025-12-04 15:00:08+00:00| published-proof-of-concept| Telegram/p1kctDWMPjRH9UHDphPObPnl4Jga04s8GRgza3noeTXcn4...

7.5CVSS6.1AI score0.0367EPSS
Exploits2References1
CVE
CVE
added 2020/12/16 10:35 a.m.287 views

CVE-2020-28458

CVE-2020-28458 affects datatables.net across all versions due to an incomplete fix enabling Prototype Pollution. Public references indicate a direct exploit surface (prototype pollution) via the datatables.net package, with exploit scripts available targeting vulnerable versions (e.g., datatables...

7.5CVSS7.3AI score0.0367EPSS
Exploits2References7Affected Software1
vulnersOsv
vulnersOsv
added 2020/10/07 3:49 p.m.5 views

@coreui/coreui-datatables (=1.0.0), @daai/sb-decloud (>=1.0.0 <=1.0.11) +38 more potentially affected by CVE-2020-28458 via datatables.net (>=1.10.12 <=1.10.22)

datatables.net NPM version =1.10.12, =1.0.0, =1.0.0, =3.0.0, =1.1.1, =0.0.1, =1.0.2, =1.0.0, =1.0.0, =0.0.0, =0.1.56, =0.2.151 and more Source cves: CVE-2020-28458 Source advisory: SNYK:JS-DATATABLESNET-1016402...

7.5CVSS6.7AI score0.0367EPSS
Exploits2
Check Point Advisories
Check Point Advisories
added 2020/06/21 12:0 a.m.20 views

JavaScript Prototype Pollution (CVE-2020-28269; CVE-2020-28272; CVE-2020-28273; CVE-2020-28442; CVE-2020-28458; CVE-2020-28472; CVE-2020-7778; CVE-2020-8158; CVE-2020-8203; CVE-2021-25912; CVE-2021-44906)

The JavaScript proto property object exposes the internal Prototype to an attack. A remote attacker can exploit this vulnerability by modifying the exposed prototype's property of an object. Successful exploitation of this vulnerability could result in run arbitrary code on the victim machine...

7.5CVSS2.7AI score0.05213EPSS
Exploits13
Rows per page
Query Builder