Lucene search
K

31 matches found

OSV
OSV
added 2025/11/18 6:32 p.m.3 views

GHSA-M6VV-VCJ8-W8M7 Drupal core allows Object Injection

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8...

7.4CVSS6.9AI score0.00228EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.5 views

PT-2025-47345

Name of the Vulnerable Software and Affected Versions Drupal versions 8.0.0 through 10.4.9 Drupal versions 10.5.0 through 10.5.6 Drupal versions 11.0.0 through 11.1.9 Drupal versions 11.2.0 through 11.2.7 Description Drupal core contains an improperly controlled modification of...

5.9CVSS6.5AI score0.00228EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-2031

Malware in sbrugna...

9.8CVSS7.6AI score0.01651EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-12614

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00637EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2024/03/21 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-43177

CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes...

9.8CVSS7.4AI score0.81801EPSS
Exploits7References1
OSV
OSV
added 2023/11/18 12:15 a.m.3 views

CVE-2023-43177

CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes...

9.8CVSS5.8AI score0.81801EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2023/01/31 12:0 a.m.43 views

Debian dla-3291 : node-object-path - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3291 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3291-1 [email protected]...

9.8CVSS7.6AI score0.0203EPSS
Exploits2References8
Snyk
Snyk
added 2022/03/11 12:0 a.m.1 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview johnpbloch/wordpress-core is a web software you can use to create a website or blog. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes through the block editor. An attacker can manipulate the object prototyp...

5.4CVSS6.9AI score
Exploits0References2
Prion
Prion
added 2021/09/13 6:15 p.m.13 views

Code injection

body-parser-xml is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

7.5CVSS9.4AI score0.01299EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/08/05 12:0 a.m.64 views

Remote Code Execution via unsafe classes in otherwise permitted modules

The module AccessControl defines security policies for Python code used in restricted code within Zope applications. Restricted code is any code that resides in Zope's object database, such as the contents of Script Python objects. The policies defined in AccessControl severely restrict access to...

7.2CVSS7.5AI score0.02032EPSS
Exploits0References13Affected Software1
Github Security Blog
Github Security Blog
added 2021/05/07 4:28 p.m.65 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes in utilitify

utilitify prior to 1.0.3 allows modification of object properties. The merge method could be tricked into adding or modifying properties of the Object.prototype...

8.8CVSS3.9AI score0.02044EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder