115 matches found
Prototype Pollution
@type/purl is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
jquery-deparam is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
PT-2021-7996 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak in the dc link construct function, which can be exploited by a remote attacker to cause a denial of service. The vulnerability is due to the...
Prototype Pollution
mongoose is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
dynamoose is vulnerable to prototype pollution. The vulnerability exists through lib/utils/object/set.ts where an attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
dotty is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
asciitable.js is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability in the default function in main to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
set-object-value is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype causing a denial of service and may lead to remote code executio...
Prototype Pollution
ini is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
json8-merge-patch is vulnerable to prototype pollution. Failure to sanitize the apply functions allows for injection of arbitrary properties into existing construct prototypes and modification of attributes such as proto, constructor and prototype...
Prototype Pollution
field is vulnerable to Prototype Pollution. Failure to sanitize the field in the levelUp function and moveUp function allows for injection of arbitrary properties into existing construct prototypes and modification of attributes such as proto, constructor and prototype...
Libass Integer Overflow Vulnerability
libass is a subtitle renderer based on the ASS/SSA format by an individual developer. A security vulnerability exists in libass version 0.14.0, which stems from a signed integer overflow due to a call to outline stroke by assoutlineconstruct. No details of the vulnerability are available at this...
DEBIAN-CVE-2020-26682
In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow...
UBUNTU-CVE-2020-26682
In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow...
Prototype Pollution
simpl-schema is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
json-logic-js is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
dot-notes is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
...
Prototype Pollution
flat is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
assign-deep is vulnerable to prototype pollution. It does not validate the Object.keys before assigning it to the target object, therefore allowing an attacker to inject properties and objects into existing construct prototype...