Export limit exceeded: 43282 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43282 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7723 | 1 Yola | 1 Promisehelpers | 2024-11-21 | 9.8 Critical |
| All versions of package promisehelpers are vulnerable to Prototype Pollution via the insert function. | ||||
| CVE-2020-7722 | 1 Nodee-utils Project | 1 Nodee-utils | 2024-11-21 | 9.8 Critical |
| All versions of package nodee-utils are vulnerable to Prototype Pollution via the deepSet function. | ||||
| CVE-2020-7721 | 1 Node-oojs Project | 1 Node-oojs | 2024-11-21 | 9.8 Critical |
| All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function. | ||||
| CVE-2020-7720 | 2 Digitalbazaar, Redhat | 3 Forge, Ansible Tower, Openshift Container Storage | 2024-11-21 | 9.8 Critical |
| The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions. | ||||
| CVE-2020-7719 | 1 Locutus | 1 Locutus | 2024-11-21 | 9.8 Critical |
| Versions of package locutus before 2.0.12 are vulnerable to prototype Pollution via the php.strings.parse_str function. | ||||
| CVE-2020-7718 | 1 Gammautils Project | 1 Gammautils | 2024-11-21 | 9.8 Critical |
| All versions of package gammautils are vulnerable to Prototype Pollution via the deepSet and deepMerge functions. | ||||
| CVE-2020-7717 | 1 Dot-notes Project | 1 Dot-notes | 2024-11-21 | 9.8 Critical |
| All versions of package dot-notes are vulnerable to Prototype Pollution via the create function. | ||||
| CVE-2020-7716 | 1 Invertase | 1 Deeps | 2024-11-21 | 9.8 Critical |
| All versions of package deeps are vulnerable to Prototype Pollution via the set function. | ||||
| CVE-2020-7715 | 1 Deep-get-set Project | 1 Deep-get-set | 2024-11-21 | 9.8 Critical |
| All versions of package deep-get-set are vulnerable to Prototype Pollution via the main function. | ||||
| CVE-2020-7714 | 1 Realseriousgames | 1 Confucious | 2024-11-21 | 9.8 Critical |
| All versions of package confucious are vulnerable to Prototype Pollution via the set function. | ||||
| CVE-2020-7713 | 1 Arr-flatten-unflatten Project | 1 Arr-flatten-unflatten | 2024-11-21 | 9.8 Critical |
| All versions of package arr-flatten-unflatten are vulnerable to Prototype Pollution via the constructor. | ||||
| CVE-2020-7708 | 1 Irrelon | 2 \@irrelon\/path, Irrelon-path | 2024-11-21 | 9.8 Critical |
| The package irrelon-path before 4.7.0; the package @irrelon/path before 4.7.0 are vulnerable to Prototype Pollution via the set, unSet, pushVal and pullVal functions. | ||||
| CVE-2020-7707 | 1 Property-expr Project | 1 Property-expr | 2024-11-21 | 9.8 Critical |
| The package property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function. | ||||
| CVE-2020-7706 | 1 Connie-lang Project | 1 Connie-lang | 2024-11-21 | 9.8 Critical |
| The package connie-lang before 0.1.1 are vulnerable to Prototype Pollution in the configuration language library used by connie. | ||||
| CVE-2020-7705 | 1 Mintegral | 1 Mintegraladsdk | 2024-11-21 | 7.1 High |
| This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the UIApplication, openURL, SKStoreProductViewController, loadProductWithParameters and NSURLProtocol methods along with anti-debug and proxy detection protection. If those hooks are active MintegralAdSDK sends obfuscated data about every opened URL in an application to their servers. Note that the malicious functionality is enabled even if the SDK was not enabled to serve ads. | ||||
| CVE-2020-7704 | 1 Linux-cmdline Project | 1 Linux-cmdline | 2024-11-21 | 9.8 Critical |
| The package linux-cmdline before 1.0.1 are vulnerable to Prototype Pollution via the constructor. | ||||
| CVE-2020-7703 | 1 Nis-utils Project | 1 Nis-utils | 2024-11-21 | 9.8 Critical |
| All versions of package nis-utils are vulnerable to Prototype Pollution via the setValue function. | ||||
| CVE-2020-7702 | 1 Templ8 Project | 1 Templ8 | 2024-11-21 | 9.8 Critical |
| All versions of package templ8 are vulnerable to Prototype Pollution via the parse function. | ||||
| CVE-2020-7701 | 1 Springtree | 1 Madlib-object-utils | 2024-11-21 | 9.8 Critical |
| madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue. | ||||
| CVE-2020-7700 | 1 Php.js Project | 1 Php.js | 2024-11-21 | 9.8 Critical |
| All versions of phpjs are vulnerable to Prototype Pollution via parse_str. | ||||