CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

4 matches found

Veracode•added 2022/02/23 5:29 a.m.•21 views

Prototype Pollution

object-extend is vulnerable to prototype pollution. The vulnerability exists in extend function of extend.js which allows an attacker to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

9.8CVSS4.4AI score0.0038EPSS

Exploits1References2Affected Software1

Github Security Blog•added 2021/05/17 9:0 p.m.•63 views

Code Injection in node-extend

node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument A of extend functionA,B,as,isAargs located within lib/extend.js is executed by the eval function, resulting in code execution...

9.8CVSS9.2AI score0.01201EPSS

Exploits1References3Affected Software1

Prion•added 2020/06/10 4:15 p.m.•11 views

Remote code execution

node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument A of extend functionA,B,as,isAargs located within lib/extend.js is executed by the eval function, resulting in code execution...

7.5CVSS9.6AI score0.01201EPSS

Exploits1References1Affected Software1

Debian CVE•added 2020/06/10 3:36 p.m.•12 views

CVE-2020-7673

node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument A of extend functionA,B,as,isAargs located within lib/extend.js is executed by the eval function, resulting in code execution...

9.8CVSS9.8AI score0.01201EPSS

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by