179 matches found
CVE-2025-60341
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssid parameter in the fastsettingwifiset function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...
rollbar vulnerable to prototype pollution
Impact: Prototype pollution potential with the utility function rollbar/src/utility.set. No impact when using the published public interface. If application code directly imports set from rollbar/src/utility and then calls set with untrusted input in the second argument, it is vulnerable to...
EUVD-2021-0882
Malware in sbrugna...
EUVD-2021-0947
Malware in sbrugna...
EUVD-2021-1116
Malware in sbrugna...
EUVD-2025-28140
Malicious code in bioql PyPI...
EUVD-2022-0866
Malicious code in bioql PyPI...
EUVD-2023-1098
Malicious code in bioql PyPI...
CVE-2025-26278
A prototype pollution in the lib.set function of dref v0.1.2 allows attackers to cause a Denial of Service (DoS) by supplying a crafted payload...
Prototype Pollution
Overview: dref is a deep object refs. Affected versions of this package are vulnerable to Prototype Pollution via the lib.set function. An attacker can cause a denial of service by supplying a specially crafted payload. Details: Prototype Pollution is a vulnerability affecting JavaScript. Prototype...
GHSA-76G8-235F-GJ6P dref is vulnerable to prototype pollution
A prototype pollution in the lib.set function of dref v0.1.2 allows attackers to cause a Denial of Service (DoS) by supplying a crafted payload...
PT-2025-39378
Name of the Vulnerable Software and Affected Versions: dref version 0.1.2. Description: A prototype pollution issue exists in the lib.set function. This allows attackers to potentially cause a Denial of Service (DoS) by providing a specially crafted payload. The issue involves manipulating the prototy...
dref security vulnerability
dref is a DNS rebinding exploit framework open-sourced by F-Secure LABS. A security vulnerability exists in dref version 0.1.2, which stems from prototype pollution in the lib.set function and could lead to a denial-of-service attack...
CVE-2025-26278
CVE-2025-26278 describes a prototype pollution in dref v0.1.2 via the lib.set function, allowing an attacker to cause a Denial of Service. Affected component: dref (JavaScript library). Root cause: unsafe/object recursive merge or path-based pollution enabling properties to be injected into Objec...
CVE-2025-57327
spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config functions of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype by supplying a crafted payload, causing denial of service (DoS) as the minimum...
Rollbar.js security vulnerability
Rollbar.js is an open-source bug tracking and logging library by Rollbar. A security vulnerability exists in Rollbar.js version 2.26.4 and earlier, which stems from prototype pollution in the utility.set function and could lead to a denial-of-service attack...
CVE-2025-57327
CVE-2025-57327 affects the spmrc package (rc manager for spm) and describes a Prototype Pollution vulnerability in the set and config functions. The vulnerability lets an attacker inject properties into Object.prototype via a crafted payload, with the minimum consequence being Denial of Service. ...
spmrc security vulnerability
spmrc is an open source spmrc management library from Static Package Manager. A security vulnerability exists in spmrc 1.2.0 and earlier versions, which stems from prototype pollution in the set and config functions and allows an attacker to inject attributes via a specially crafted payloa...