Weaknesses of type CWE-1321

300 results

CVE-2022-39396CRITICALParse Server vulnerable to Remote Code Execution via prototype pollution in MongoDB BSON parserEPSS 41.2%CVE-2022-2564HIGHPrototype Pollution in automattic/mongooseEPSS 32.7%CVE-2022-1802HIGHIf an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution EPSS 26.7%CVE-2022-2200HIGHIf an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading tEPSS 23.9%CVE-2022-1529HIGHAn attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading tEPSS 17.1%CVE-2022-24999HIGHqs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express applicatEPSS 14.7%CVE-2025-25014CRITICALKibana arbitrary code execution via prototype pollutionEPSS 13.7%CVE-2022-46175HIGHJSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parEPSS 9.3%CVE-2026-34621HIGHAcrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)EPSS 7.1%KEV CVE-2021-41097CRITICALPrototype pollution in aurelia-pathEPSS 4.9%CVE-2022-0432HIGHPrototype Pollution in mastodon/mastodonEPSS 4.5%CVE-2011-10019CRITICALSpreecommerce < 0.60.2 Search Parameter RCEEPSS 3.8%CVE-2021-25914CRITICALPrototype pollution vulnerability in 'object-collider' versions 1.0.0 through 1.0.3 allows attacker to cause a denial of service and may leaEPSS 3.7%CVE-2021-3918CRITICALPrototype Pollution in kriszyp/json-schemaEPSS 3.6%CVE-2021-25916CRITICALPrototype pollution vulnerability in 'patchmerge' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead EPSS 3.5%CVE-2021-25915CRITICALPrototype pollution vulnerability in 'changeset' versions 0.0.1 through 0.2.5 allows an attacker to cause a denial of service and may lead tEPSS 3.5%CVE-2021-25941CRITICALPrototype pollution vulnerability in 'deep-override' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may leEPSS 3.3%CVE-2021-25927CRITICALPrototype pollution vulnerability in 'safe-flat' versions 2.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead tEPSS 3.3%CVE-2021-25928CRITICALPrototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead toEPSS 3.3%CVE-2021-25943CRITICALPrototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remoEPSS 3.3%

← previouspage 1 / 15next →