Falhas do tipo CWE-1321
300 resultadosCVE-2024-21512HIGHVersions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields aEPSS 3.1%CVE-2023-36475CRITICALParse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollutionEPSS 2.7%CVE-2023-26136MEDIUMVersions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookiEPSS 2.1%CVE-2023-26122HIGHAll versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived fromEPSS 2.1%CVE-2021-3805HIGHPrototype Pollution in mariocasciaro/object-pathEPSS 2.0%CVE-2021-21304HIGHPrototype Pollution in DynamooseEPSS 1.9%CVE-2024-56059CRITICALWordPress Partners plugin <= 0.2.0 - PHP Object Injection vulnerabilityEPSS 1.7%CVE-2022-37602CRITICALPrototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js.EPSS 1.6%CVE-2021-3757HIGHPrototype Pollution in immerjs/immerEPSS 1.6%CVE-2023-39296HIGHQTS, QuTS heroEPSS 1.6%CVE-2021-3766HIGHPrototype Pollution in vincit/objection.jsEPSS 1.4%CVE-2024-27307CRITICALJSONata expression can pollute the "Object" prototypeEPSS 1.4%CVE-2024-29650CRITICALAn issue in @thi.ng/paths v.5.1.62 and before allows a remote attacker to execute arbitrary code via the mutIn and mutInManyUnsafe componentEPSS 1.4%CVE-2023-0842MEDIUMxml2js 0.4.23 - Prototype PollutionEPSS 1.4%CVE-2021-21297HIGHPrototype Pollution in Node-RedEPSS 1.4%CVE-2022-29823CRITICALFeathers - Query “__proto__” is converted to real prototypeEPSS 1.4%CVE-2021-3645MEDIUMPrototype Pollution in viking04/mergeEPSS 1.4%CVE-2021-39227MEDIUMFix prototype pollution in the zrender merge and clone helper methodsEPSS 1.3%CVE-2023-26105HIGHAll versions of the package utilities are vulnerable to Prototype Pollution via the _mix function.
EPSS 1.3%CVE-2021-43787CRITICALXSS via prototype pollutionEPSS 1.3%