Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2021-0947

Malware in sbrugna...

9.8CVSS9.3AI score0.00386EPSS
Exploits1References4
OSV
OSVadded 2021/05/10 3:59 p.m.0 views

GHSA-4Q97-FH3F-J294 Prototype Pollution in tiny-conf

All versions of package tiny-conf up to and including version 1.1.0 are vulnerable to Prototype Pollution via the set function...

9.8CVSS5.8AI score0.00386EPSS
Exploits1References3
Github Security Blog
Github Security Blogadded 2021/05/10 3:59 p.m.38 views

Prototype Pollution in tiny-conf

All versions of package tiny-conf up to and including version 1.1.0 are vulnerable to Prototype Pollution via the set function...

9.8CVSS9AI score0.00386EPSS
Exploits1References4Affected Software1
vulnersOsv
vulnersOsvadded 2021/05/10 3:59 p.m.2 views

grunt-kevoree (>=0.3.0 <=6.0.0-alpha.1), grunt-kevoree-registry (>=3.0.0 <=4.0.0-alpha) +9 more potentially affected by CVE-2020-7724 via tiny-conf (=1.1.0)

tiny-conf NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on tiny-conf and may be impacted: - grunt-kevoree =0.3.0, =3.0.0, =5.7.0, =4.0.0, =5.5.0-alpha, =0.3.0, =1.6.0, =1.0.0-alpha, =1.0.1, =1.0.0, =1.0.2 Source cves: CVE-2020-7724...

9.8CVSS7.2AI score0.00386EPSS
Exploits1
Veracode
Veracodeadded 2020/09/02 6:53 a.m.11 views

Prototype Pollution

tiny-conf is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

9.8CVSS3.5AI score0.00386EPSS
Exploits1References2Affected Software1
NVD
NVDadded 2020/09/01 10:15 a.m.9 views

CVE-2020-7724

All versions of package tiny-conf are vulnerable to Prototype Pollution via the set function...

9.8CVSS9.6AI score0.00386EPSS
Exploits1References1
Cvelist
Cvelistadded 2020/09/01 9:45 a.m.12 views

CVE-2020-7724 Prototype Pollution

All versions of package tiny-conf are vulnerable to Prototype Pollution via the set function...

9.8CVSS9.6AI score0.00386EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2020/09/01 12:0 a.m.4 views

PT-2020-19745 · Tiny-Conf · Tiny-Conf

Name of the Vulnerable Software and Affected Versions: tiny-conf versions prior to 1.1.1 is not mentioned, however, all versions up to and including 1.1.0 are vulnerable, so: tiny-conf versions up to and including 1.1.0 Description: The issue is related to Prototype Pollution via the set function...

9.8CVSS9.2AI score0.00386EPSS
Exploits1References4
vulnersOsv
vulnersOsvadded 2020/08/17 1:52 p.m.1 views

grunt-kevoree (>=0.3.0 <=6.0.0-alpha.1), grunt-kevoree-registry (>=3.0.0 <=4.0.0-alpha) +9 more potentially affected by CVE-2020-7724 via tiny-conf (=1.1.0)

tiny-conf NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on tiny-conf and may be impacted: - grunt-kevoree =0.3.0, =3.0.0, =5.7.0, =4.0.0, =5.5.0-alpha, =0.3.0, =1.6.0, =1.0.0-alpha, =1.0.1, =1.0.0, =1.0.2 Source cves: CVE-2020-7724...

9.8CVSS7.2AI score0.00386EPSS
Exploits1
Snyk
Snykadded 2020/08/17 1:52 p.m.2 views

Prototype Pollution

Overview tiny-conf is a Node.js configuration with files, environment variables, command-line arguments, ... pluggable architecture in order to work in the browser & server-side Affected versions of this package are vulnerable to Prototype Pollution via the set function. POC const tinyConf =...

9.8CVSS9AI score0.00386EPSS
Exploits1References2
Rows per page
Query Builder