PT-2022-14798 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a logic error in the code of ppmpu set in ppmpu.c, which could lead to local information disclosure without requiring additional execution privileges. User interaction is not necessary for...

CVE-2022-4064 Dalli Meta Protocol request_formatter.rb self.meta_set injection

A vulnerability was found in Dalli up to 3.2.2. It has been classified as problematic. Affected is the function self.metaset of the file lib/dalli/protocol/meta/requestformatter.rb of the component Meta Protocol Handler. The manipulation of the argument cas/ttl leads to injection. It is possible ...

CVE-2022-42078

Tenda AC1206 USAC1206V1.0RTLV15.03.06.23multiTD01 is vulnerable to Cross Site Request Forgery CSRF via function fromSysToolRestoreSet...

SAMSUNG Mobile devices 资源管理错误漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices SMR Oct-2022 Release 1, which stems from the use of after free vulnerability in the setnftpid and...

GPAC 代码问题漏洞

GPAC is an open source multimedia framework. A security vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master, which results in a denial of service due to a null pointer reference in the gffilterpidsetpropertyfull function in its filtercore/filterpid.c:5250 component...

Deserialization Of Untrusted Data

Jackson Databind is vulnerable to deserialization of untrusted data. The vulnerability exists in Set function in SubTypeValidator.java when handling interactions related to class ignite-jta which allows an attacker to inject and execute malicious codes...

CVE-2022-32040

Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetCfm...

Prototype Pollution

sds is vulnerable to prototype pollution.The vulnerability exists due to an incomplete of CVE-2020-7618 where an injection of attributes can pollute the properties of the Object.prototype by the attacker using the set function in js/set.js,...

GHSA-PH28-WWFJ-FV7F Prototype Pollution in sds

This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...

Prototype Pollution in sds

This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...

CVE-2022-25862

This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...

Design/Logic Flaw

This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...

CVE-2022-25862

This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...

sds 安全漏洞

sds is a structured data search package. A security vulnerability exists in sds version 0.0.0 and later, which originates from a misuse of the set function located in js/set.js, where the library could be tricked into adding or modifying properties of Object.prototype...

nconf has unspecified vulnerabilities

nconf is a TOML-formatted plugin. nconf versions prior to 0.11.4 have a security vulnerability that stems from the .set function, which is responsible for setting configuration properties, being vulnerable to prototype contamination, which can be exploited by attackers to override JavaScript...

GHSA-6XWR-Q98W-RVG7 Prototype Pollution in nconf

nconf before 0.11.4. When using the memory engine, it is possible to store a nested JSON representation of the configuration. The .set function, that is responsible for setting the configuration properties, is vulnerable to Prototype Pollution. By providing a crafted property, it is possible to...

CVE-2022-21803

This affects the package nconf before 0.11.4. When using the memory engine, it is possible to store a nested JSON representation of the configuration. The .set function, that is responsible for setting the configuration properties, is vulnerable to Prototype Pollution. By providing a crafted...

CVE-2022-21803

This affects the package nconf before 0.11.4. When using the memory engine, it is possible to store a nested JSON representation of the configuration. The .set function, that is responsible for setting the configuration properties, is vulnerable to Prototype Pollution. By providing a crafted...

Prototype Pollution

libnested is vulnerable to prototype pollution. An attacker can inject properties into existing construct prototypes via the set function in the index.js and modify attributes such as proto, constructor, and prototype...

Prototype Pollution in libnested

The package libnested before 1.5.2 are vulnerable to Prototype Pollution via the set function in index.js. Note: This vulnerability derives from an incomplete fix for CVE-2020-28283...