CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

Snyk•added 2026/05/11 4:9 p.m.•2 views

Prototype Pollution

Overview @rvf/set-get is an Internal utilities and types for working with deeply nested data. This is primarily used internally by RVF and it's various packages. It isn't recommended for use by most people. Affected versions of this package are vulnerable to Prototype Pollution via the setPath...

8.8CVSS6.3AI score0.00055EPSS

Exploits0References2

Microsoft CVE•added 2026/04/17 8:1 a.m.•2 views

jq: Unbounded Recursion in jv_setpath(), jv_getpath() and delpaths_sorted()

...

6.2CVSS5.7AI score0.00005EPSS

Exploits1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2007-2840

Malware in sbrugna...

10CVSS6.4AI score0.05993EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-1109

Malware in sbrugna...

9.8CVSS9.3AI score0.0041EPSS

Exploits1References3

OSV•added 2021/05/06 6:12 p.m.•0 views

GHSA-J4RW-X3VG-C8R7 Prototype Pollution in node-oojs

All versions of package node-oojs up to and including version 1.4.0 are vulnerable to Prototype Pollution via the setPath function...

9.8CVSS7.2AI score0.0041EPSS

Exploits1References2

Veracode•added 2020/09/02 5:45 a.m.•14 views

Prototype Pollution

node-oojs is vulnerable to prototype pollution. The vulnerability exists as the setPath function does not restrict proto headers to be set in objects...

9.8CVSS2.7AI score0.0041EPSS

Exploits1References1Affected Software1

NVD•added 2020/09/01 10:15 a.m.•9 views

CVE-2020-7721

All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function...

9.8CVSS9.6AI score0.0041EPSS

Exploits1References1

Cvelist•added 2020/09/01 9:40 a.m.•10 views

CVE-2020-7721 Prototype Pollution

All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function...

9.8CVSS9.6AI score0.0041EPSS

Exploits1References1

Positive Technologies•added 2020/09/01 12:0 a.m.•2 views

PT-2020-6071 · Node.Js · Node-Forge

Name of the Vulnerable Software and Affected Versions: node-forge versions prior to 0.10.0 Description: The issue is related to Prototype Pollution via the util.setPath function. This can allow a remote attacker to implement a prototype pollution attack by modifying object attributes...

9.8CVSS8.1AI score0.02085EPSS

Exploits1References14

Positive Technologies•added 2020/09/01 12:0 a.m.•2 views

PT-2020-19742 · Npm · Node-Oojs

Name of the Vulnerable Software and Affected Versions: node-oojs versions prior to 1.4.1 Description: The issue concerns Prototype Pollution via the setPath function. This allows for potential manipulation of object properties, which could lead to various security issues. Recommendations: For...

9.8CVSS9.5AI score0.0041EPSS

Exploits1References3

NVD•added 2007/05/24 6:30 p.m.•9 views

CVE-2007-2848

Stack-based buffer overflow in the SetPath function in the shComboBox ActiveX control shcmb80.ocx in Sky Software Shell MegaPack ActiveX 8.0 allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely...

10CVSS7.8AI score0.05993EPSS

Exploits0References4

Cvelist•added 2007/05/24 6:0 p.m.•14 views

CVE-2007-2848

7.8AI score0.05993EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by