EUVD-2025-202406

An unauthenticated device registration vulnerability, caused by Improperly Controlled Modification of Dynamically-Determined Object Attributes, has been identified in the MXsecurity Series. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted JSON paylo...

EUVD-2012-3419

Malware in sbrugna...

CVE-2024-40575

An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...

CVE-2023-0574

CVE-2023-0574 affects Yugabyte Managed (versions 2.0.0.0–2.13.0.0). The issue combines Server-Side Request Forgery (SSRF) with improperly controlled modification of dynamically-determined object attributes and improper restriction of excessive authentication attempts, allowing access to functiona...

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the SERVER superglobal array. An attacker can overwrite entries in this array by sending crafted POST parameters. Remediation Upgrade com.caucho:resin to...

Prototype Pollution

object-path-set is vulnerable to prototype pollution. An attacker can inject properties into existing construct prototypes via the isValidKey function of index.js and modify attributes such as proto, constructor, and prototype...

Prototype Pollution

bmoor is vulnerable to prototype pollution. The vulnerability exists due to an incomplete fix for CVE-2020-7736 where an attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype via the set function...

Prototype Pollution

mootools is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

Prototype Pollution

open-graph is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

Improperly Controlled Modification of Object Prototype Attributes

Overview think-logic before version 1.1.3 has a prototype pollution vulnerability. Impact The software receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object...

Prototype Pollution

backbone-query-parameters is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

Prototype Pollution

safe-obj is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

Prototype Pollution

mootools-more is vulnerable to prototype pollution. An attacker is able to inject malicious properties into existing construct prototypes Object.prototype and modify attributes such as proto, constructor and prototype...

Prototype Pollution

copy-props is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes via the main functionality and modify attributes such as proto, constructor and prototype...

Prototype Pollution

iniparserjs is vulnerable to prototype pollution. An attacker can inject arbitrary properties into existing construct prototypes via concatenation of array in iniparser.js to modify attributes such as proto, constructor and prototype...

Prototype Pollution

immer is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

Prototype Pollution

cache-base is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

Prototype Pollution

js-data is vulnerable to pollution prototype. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype via the deepMixIn function...

Prototype Pollution

deepref is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

Prototype Pollution

ts-dot-prop is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...