31 matches found
GHSA-M6VV-VCJ8-W8M7 Drupal core allows Object Injection
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8...
PT-2025-47345
Name of the Vulnerable Software and Affected Versions Drupal versions 8.0.0 through 10.4.9 Drupal versions 10.5.0 through 10.5.6 Drupal versions 11.0.0 through 11.1.9 Drupal versions 11.2.0 through 11.2.7 Description Drupal core contains an improperly controlled modification of...
EUVD-2021-2031
Malware in sbrugna...
EUVD-2023-12614
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2023-43177
CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes...
CVE-2023-43177
CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes...
Debian dla-3291 : node-object-path - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3291 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3291-1 [email protected]...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview johnpbloch/wordpress-core is a web software you can use to create a website or blog. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes through the block editor. An attacker can manipulate the object prototyp...
Code injection
body-parser-xml is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...
Remote Code Execution via unsafe classes in otherwise permitted modules
The module AccessControl defines security policies for Python code used in restricted code within Zope applications. Restricted code is any code that resides in Zope's object database, such as the contents of Script Python objects. The policies defined in AccessControl severely restrict access to...
Improperly Controlled Modification of Dynamically-Determined Object Attributes in utilitify
utilitify prior to 1.0.3 allows modification of object properties. The merge method could be tricked into adding or modifying properties of the Object.prototype...