Total: 317 CVEs
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description
---|---|---|---|---|---|---
CVE-2019-17315 | 1 Sugarcrm | 1 Sugarcrm | 2022-12-02 | 6.5 MEDIUM | 7.2 HIGH | SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user.
CVE-2019-16328 | 1 Rpyc Project | 1 Rpyc | 2022-12-02 | 5.0 MEDIUM | 7.5 HIGH | In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings.
CVE-2019-10745 | 1 Assign-deep Project | 1 Assign-deep | 2022-12-02 | 5.0 MEDIUM | 7.5 HIGH | assign-deep is vulnerable to Prototype Pollution in versions before 0.4.8 and version 1.0.0. The function assign-deep could be tricked into adding or modifying properties of Object.prototype using either a constructor or a `__proto__` payload.
CVE-2019-9061 | 1 Cmsmadesimple | 1 Cms Made Simple | 2022-12-02 | 6.5 MEDIUM | 8.8 HIGH | An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager (in the file action.installmodule.php), it is possible to reach an unserialize call with untrusted input and achieve authenticated object injection by using the "install module" feature.
CVE-2019-9058 | 1 Cmsmadesimple | 1 Cms Made Simple | 2022-12-02 | 6.5 MEDIUM | 7.2 HIGH | An issue was discovered in CMS Made Simple 2.2.8. In the administrator page admin/changegroupperm.php, it is possible to send a crafted value in the sel_groups parameter that leads to authenticated object injection.
CVE-2018-19274 | 2 Debian, Phpbb | 2 Debian Linux, Phpbb | 2022-12-02 | 6.5 MEDIUM | 7.2 HIGH | Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions.
CVE-2018-11135 | 1 Quest | 1 Kace System Management Appliance | 2022-12-02 | 6.0 MEDIUM | 8.8 HIGH | The script '/adminui/error_details.php' in the Quest KACE System Management Appliance 8.0.318 allows authenticated users to conduct PHP object injection attacks.
CVE-2018-6195 | 1 Splashing Images Project | 1 Splashing Images | 2022-12-02 | 6.5 MEDIUM | 7.2 HIGH | admin/partials/wp-splashing-admin-main.php in the Splashing Images plugin (wp-splashing-images) before 2.1.1 for WordPress allows authenticated (administrator, editor, or author) remote attackers to conduct PHP Object Injection attacks via crafted serialized data in the 'session' HTTP GET parameter to wp-admin/upload.php.
CVE-2022-41878 | 1 Parseplatform | 1 Parse-server | 2022-11-15 | N/A | 9.8 CRITICAL | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2 or 4.10.19, keywords that are specified in the Parse Server option `requestKeywordDenylist` can be injected via Cloud Code Webhooks or Triggers. This will result in the keyword being saved to the database, bypassing the `requestKeywordDenylist` option. This issue is fixed in versions 4.10.19 and 5.3.2. If upgrading is not possible, the following workarounds may be applied: configure your firewall to only allow trusted servers to make requests to the Parse Server Cloud Code Webhooks API, or block the API completely if you are not using the feature.
CVE-2022-41879 | 1 Parseplatform | 1 Parse-server | 2022-11-15 | N/A | 9.8 CRITICAL | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.3 or 4.10.20, a compromised Parse Server Cloud Code Webhook target endpoint allows an attacker to use prototype pollution to bypass the Parse Server `requestKeywordDenylist` option. This issue has been patched in versions 5.3.3 and 4.10.20. There are no known workarounds.
CVE-2022-37623 | 1 Browserify-shim Project | 1 Browserify-shim | 2022-11-15 | N/A | 9.8 CRITICAL | Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the shimPath variable in resolve-shims.js.
CVE-2020-7608 | 1 Yargs | 1 Yargs-parser | 2022-11-15 | 4.6 MEDIUM | 5.3 MEDIUM | yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload.
CVE-2022-39396 | 1 Parseplatform | 1 Parse-server | 2022-11-11 | N/A | 9.8 CRITICAL | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.18, and prior to 5.3.1 on the 5.X branch, are vulnerable to Remote Code Execution via prototype pollution. An attacker can use this prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. This issue is patched in version 5.3.1 and in 4.10.18. There are no known workarounds.
CVE-2022-21824 | 4 Debian, Netapp, Nodejs and 1 more | 11 Debian Linux, Oncommand Insight, Oncommand Workflow Automation and 8 more | 2022-11-10 | 6.4 MEDIUM | 8.2 HIGH | Due to the formatting logic of the "console.table()" function it was not safe to allow user-controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype. Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null prototype for the object these properties are being assigned to.
CVE-2022-41713 | 1 Deep-object-diff Project | 1 Deep-object-diff | 2022-11-05 | N/A | 5.3 MEDIUM | deep-object-diff version 1.1.0 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validate incoming JSON keys, thus allowing the '__proto__' property to be edited.
CVE-2022-42743 | 1 Deep-parse-json Project | 1 Deep-parse-json | 2022-11-05 | N/A | 5.3 MEDIUM | deep-parse-json version 1.0.2 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the '__proto__' property to be edited.
CVE-2022-41714 | 1 Fastest-json-copy Project | 1 Fastest-json-copy | 2022-11-05 | N/A | 5.3 MEDIUM | fastest-json-copy version 1.0.1 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the '__proto__' property to be edited.
CVE-2022-37621 | 1 Browserify-shim Project | 1 Browserify-shim | 2022-11-03 | N/A | 9.8 CRITICAL | Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the fullPath variable in resolve-shims.js.
CVE-2022-39357 | 1 Wintercms | 1 Winter | 2022-10-28 | N/A | 9.8 CRITICAL | Winter is a free, open-source content management system based on the Laravel PHP framework. The Snowboard framework in versions 1.1.8, 1.1.9, and 1.2.0 is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. The 1.0 branch of Winter is not affected, as it does not contain the Snowboard framework. This issue has been patched in v1.1.10 and v1.2.1. As a workaround, one may avoid this issue by following some common security practices for JavaScript, including implementing a content security policy and auditing scripts.
CVE-2021-43787 | 1 Nodebb | 1 Nodebb | 2022-10-27 | 4.3 MEDIUM | 6.1 MEDIUM | NodeBB is an open source Node.js based forum software. In affected versions a prototype pollution vulnerability in the uploader module allowed a malicious user to inject arbitrary data (i.e. JavaScript) into the DOM, theoretically allowing for an account takeover when used in conjunction with a path traversal vulnerability disclosed at the same time as this report. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible.