Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Rajesh Thanoch Quick Learn quick-learn allows Object Injection.This issue affects Quick Learn
A vulnerability has been discovered in Vue, that allows an attacker to perform XSS via prototype pollution. The attacker could change the prototype chain of some properties such as `Object.prototype.s
Prototype pollution vulnerability in apidoc-core versions 0.2.0 and all subsequent versions allows remote attackers to modify JavaScript object prototypes via malformed data structures, including the
A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus up to 5.1.3. This affects the function remove of the file novel-admin/src/main/java/com/java2nb/common/c
Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability
A Prototype Pollution vulnerability in the byGroupAndType function of sassdoc-extras v2.5.1 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causin
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client
A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input inv
A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0. Affected is the function SvSetPropNodeMK2 of the file sverchok/nodes/object_nodes/getsetprop_mk2.py of the c
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.
This issue affects Drupal core: from 8.0.0 before 10.5.9, f
A vulnerability was determined in 1024bit extend-deep up to 0.1.6. The impacted element is an unknown function of the file index.js. This manipulation of the argument __proto__ causes improperly contr
oRPC is an tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.6, a prototype pollution vulnerability exists in the RPC JSON deserializer of
A vulnerability has been found in SourceCodester Prison Management System 1.0. The impacted element is an unknown function of the component Login. The manipulation leads to session fixiation. It is po
The latest version of utils-extend (1.0.8) is vulnerable to Prototype Pollution through the entry function(s) lib.extend. An attacker can supply a payload with Object.prototype setter to introduce or
Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and cl
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of se
A weakness has been identified in carboneio carbone up to fbcd349077ad0e8748be73eab2a82ea92b6f8a7e. This impacts an unknown function of the file lib/input.js of the component Formatter Handler. Execut
A vulnerability was identified in bazinga012 mcp_code_executor up to 0.3.0. Affected by this issue is the function installDependencies of the file src/index.ts. Such manipulation leads to command inje
Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a prototype pollution vulnerability in the mailbox store module allows attackers to modify the behavior of all Jav