CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-1030

Malware in sbrugna...

7.5CVSS7.5AI score0.00366EPSS

Exploits1References6

Node.js•added 2021/05/10 6:40 p.m.•27 views

Prototype Pollution

Overview simpl-schema before 1.10.2 is vulnerable to prototype pollution. Attacker controlled input into a schema could result in remote code execution within the scope of the surrounding application. Recommendation Upgrade to version 1.10.2 or later References - CVE - GitHub Advisory...

5CVSS5AI score0.00366EPSS

Exploits1Affected Software1

vulnersOsv•added 2021/05/10 6:38 p.m.•0 views

@deskpro/apps-installer (>=0.3.1 <=0.4.5), @deskproapps/deskproapps-sdk-react (>=0.1.3 <=1.0.0-alpha) +19 more potentially affected by CVE-2020-7742 via simpl-schema (>=0.0.1 <=0.5.0)

simpl-schema NPM version =0.0.1, =0.3.1, =0.1.3, =0.0.1, =1.0.11, =0.0.1, =0.7.5, =0.0.1, =0.4.0, =0.1.0, =0.1.0, =1.0.4, =0.1.0, =0.1.0, =0.0.9, =0.0.14 and more Source cves: CVE-2020-7742 Source advisory: OSV:GHSA-9MX2-PRFP-8HQP...

7.5CVSS7.1AI score0.00366EPSS

Exploits1

Github Security Blog•added 2021/05/10 6:38 p.m.•38 views

Prototype Pollution in simpl-schema

This affects the package simpl-schema before 1.10.2. Attacker controlled input into a schema could result in remote code execution within the scope of the surrounding application...

7.5CVSS7.8AI score0.00366EPSS

Exploits1References5Affected Software1

OSV•added 2021/05/10 6:38 p.m.•12 views

GHSA-9MX2-PRFP-8HQP Prototype Pollution in simpl-schema

This affects the package simpl-schema before 1.10.2. Attacker controlled input into a schema could result in remote code execution within the scope of the surrounding application...

7.5CVSS7.8AI score0.00366EPSS

Exploits1References4

Veracode•added 2020/10/08 3:33 a.m.•17 views

Prototype Pollution

simpl-schema is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

7.5CVSS3.5AI score0.00366EPSS

Exploits1References2Affected Software1

OSV•added 2020/10/07 9:15 a.m.•13 views

CVE-2020-7742

This affects the package simpl-schema before 1.10.2...

7.5CVSS6.8AI score

Exploits0References2

Prion•added 2020/10/07 9:15 a.m.•14 views

Code injection

This affects the package simpl-schema before 1.10.2...

5CVSS7.5AI score0.00366EPSS

Exploits1References2Affected Software1

Cvelist•added 2020/10/07 8:55 a.m.•12 views

CVE-2020-7742 Prototype Pollution

This affects the package simpl-schema before 1.10.2...

7.5CVSS7.5AI score0.00366EPSS

Exploits1References2

CVE•added 2020/10/07 8:55 a.m.•44 views

CVE-2020-7742

CVE-2020-7742 affects the JavaScript package simpl-schema up to version 1.10.1. The vulnerability is a prototype pollution flaw in the library's merge logic (used for merging inputs into schemas), allowing attacker-controlled input to mutate Object.prototype and potentially lead to remote code ex...

7.5CVSS7.5AI score0.00366EPSS

Exploits1References2Affected Software1

Snyk•added 2020/10/01 2:33 p.m.•1 views

Prototype Pollution

Overview simpl-schema is a schema validation package that supports direct validation of MongoDB update modifier objects. Affected versions of this package are vulnerable to Prototype Pollution. PoC const SimpleSchema = require"simpl-schema".default; let obj = ; console.log"Before : " +...

7.5CVSS8AI score0.00366EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by