Prototype Pollution

Overview Affected versions of this package are vulnerable to Prototype Pollution via the attachToObject function. An attacker can inject arbitrary properties into Object.prototype by supplying a crafted payload, potentially leading to application instability or service disruption. Details Prototy...

Prototype Pollution

Overview libnested is a package with basic functions map, each, get, set, keys for nested objects. Affected versions of this package are vulnerable to Prototype Pollution via the set function in index.js. Note: This vulnerability derives from an incomplete fix for CVE-2020-28283 PoC: js const...

CVE-2021-30358

Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent...

Prototype Pollution

Overview @lyngs/merge is an Use merge to merge every value. supporting types: . Affected versions of this package are vulnerable to Prototype Pollution via the main functionality. PoC const merge = require'@lyngs/merge'; console.log"prototype before merge", .isAdmin; mergedummy: 1,...

Samba Share Path Definition Escape Vulnerability (CVE-2019-10197)

Samba is prone to a share path definition escape vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba";...