Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2021-0969

Malware in sbrugna...

9.8CVSS9.3AI score0.03376EPSS
Exploits1References5
BDU FSTEC
BDU FSTECadded 2021/06/09 12:0 a.m.8 views

The vulnerability of the `set` function in the `property-expr` library of the Afroa Application Software Center, related to uncontrolled changes to prototype attributes of objects, allows attackers to execute a “prototype pollution” attack.

The vulnerability of the Aurora Application Library is related to uncontrolled changes to object prototypes’ attributes. Exploiting this vulnerability allows a remote attacker to execute an “infection of the prototype” attack...

9.8CVSS7.9AI score0.03376EPSS
Exploits1References4Affected Software1
Node.js
Node.jsadded 2021/05/06 5:30 p.m.61 views

Prototype Pollution in property-expr

Overview property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function. Recommendation Upgrade to version 2.0.3 or later References - CVE - GitHub Advisory...

7.5CVSS5.1AI score0.03376EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsvadded 2021/05/06 5:29 p.m.4 views

@1337lawyers/design (>=0.1.0 <=0.12.14), @1337lawyers/gatsby-theme-1337 (=0.0.1) +1450 more potentially affected by CVE-2020-7707 via property-expr (>=1.0.1 <=2.0.2)

property-expr NPM version =1.0.1, =0.1.0, =1.0.0, =0.0.1-alpha.82, =1.0.0, =1.0.12-alpha.0, =1.0.12-alpha.0, =1.0.0, =1.1.0, =1.3.24-alpha.0, =0.0.1-alpha.1, =2.149.0, =2.152.0 - @amorist/gatsby-theme-antd =1.0.0 - @andersonbarros/strapi-plugin-content-type-builder =3.0.0-beta.16.8-0 and more...

9.8CVSS7.8AI score0.03376EPSS
Exploits1
Github Security Blog
Github Security Blogadded 2021/05/06 5:29 p.m.52 views

Prototype Pollution in property-expr

The package property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function...

9.8CVSS8.9AI score0.03376EPSS
Exploits1References5Affected Software1
Veracode
Veracodeadded 2020/08/19 3:55 a.m.18 views

Prototype Pollution

property-expr is vulnerable to prototype pollution. An attacker is able to add and modify properties of Object.prototype using a proto payload...

9.8CVSS3.2AI score0.03376EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2020/08/18 1:40 p.m.64 views

CVE-2020-7707

CVE-2020-7707 affects the Node.js property-expr module (versions before 2.0.3). Root cause is a prototype pollution flaw in the setter function, enabling remote attackers to execute arbitrary code. Affected: property-expr

9.8CVSS9.4AI score0.03376EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologiesadded 2020/08/18 12:0 a.m.4 views

PT-2020-6067 · Unknown · Property-Expr

Name of the Vulnerable Software and Affected Versions: property-expr versions prior to 2.0.3 Description: The issue is related to Prototype Pollution via the setter function. It may allow a remote attacker to perform a prototype pollution attack by exploiting uncontrolled modification of object...

9.8CVSS9.3AI score0.03376EPSS
Exploits1References7
Hacker One
Hacker Oneadded 2020/06/28 9:57 a.m.17 views

Node.js third-party modules: property-expr - Prototype pollution

I would like to report Prototype pollution in property-expr It allows attacker to modify the prototype of a base object. Module module name: property-expr version: 2.0.2 npm page: https://www.npmjs.com/package/property-expr Module Description Tiny property path utilities, including path parsing a...

1AI score
Exploits0
Rows per page
Query Builder