Fallos del tipo CWE-1321
304 resultadosCVE-2024-29651HIGHA Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary codeEPSS 0.8%CVE-2024-34148MEDIUMJenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is EPSS 0.8%CVE-2024-39013CRITICAL2o3t-utility v0.1.2 was discovered to contain a prototype pollution via the function extend. This vulnerability allows attackers to execute EPSS 0.8%CVE-2024-36580CRITICALA Prototype Pollution issue in cdr0 sg 1.0.10 allows an attacker to execute arbitrary code.EPSS 0.8%CVE-2024-22443HIGHA vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conEPSS 0.8%CVE-2023-26102HIGHAll versions of the package rangy are vulnerable to Prototype Pollution when using the extend() function in file rangy-core.js.The function EPSS 0.8%CVE-2026-33696CRITICALn8n Vulnerable to Prototype Pollution in XML & GSuiteAdmin node parameters lead to RCEEPSS 0.8%CVE-2024-38999CRITICALjrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows EPSS 0.7%CVE-2024-38988CRITICALalizeait unflatto <= 1.0.2 was discovered to contain a prototype pollution via the method exports.unflatto at /dist/index.js. This vulnerabiEPSS 0.7%CVE-2023-26139HIGHVersions of the package underscore-keypath from 0.0.11 are vulnerable to Prototype Pollution via the name argument of the setProperty() funcEPSS 0.7%CVE-2024-52810MEDIUMPrototype Pollution in @intlify/shared >=9.7.0 <= 10.0.4EPSS 0.7%CVE-2023-26135HIGHAll versions of the package flatnest are vulnerable to Prototype Pollution via the nest() function in the flatnest/nest.js file.EPSS 0.7%CVE-2023-32305HIGHaiven-extras PostgreSQL Privilege Escalation Through Overloaded Search PathEPSS 0.7%CVE-2024-32866HIGHConform contains Prototype Pollution Vulnerability in `parseWith...` functionEPSS 0.7%CVE-2025-49223CRITICALbillboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to executeEPSS 0.7%CVE-2024-12629MEDIUMPrototype Pollution in Progress® Telerik® KendoReactEPSS 0.7%CVE-2024-11628MEDIUMPrototype Pollution in Progress® Telerik® Kendo UI for VueEPSS 0.7%CVE-2022-21169HIGHPrototype PollutionEPSS 0.7%CVE-2026-25047CRITICALdeepHas vulnerable to Prototype Pollution via constructor.prototypeEPSS 0.7%CVE-2024-21505HIGHVersions of the package web3-utils before 4.2.1 are vulnerable to Prototype Pollution via the utility functions format and mergeDeep, due toEPSS 0.7%