Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1321

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Parent: CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

473 vulnerabilities with CWE-1321

CVE-2024-52810 MEDIUM

Intlify Shared < 9.14.2 - Prototype Pollution

CVE-2024-52441 CRITICAL

Rajesh Thanoch Quick Learn <1.0.1 - Code Injection

CVE-2024-48910 CRITICAL

Cure53 Dompurify < 2.4.2 - Prototype Pollution

CVE-2024-45277 MEDIUM

SAP HANA Node.js client <2.21.31 - Prototype Pollution

CVE-2024-21489 HIGH

NPM Uplot < 1.6.31 - Prototype Pollution

CVE-2024-45815 MEDIUM

Linuxfoundation Backstage < 1.26.0 - Prototype Pollution

CVE-2024-45801 HIGH

Cure53 Dompurify < 2.5.4 - XSS

CVE-2024-21529 HIGH

NPM Dset < 3.1.4 - Prototype Pollution

CVE-2024-21528 MEDIUM

NPM Node-gettext - Prototype Pollution

CVE-2024-45435 CRITICAL

Chartist <1.4 - Info Disclosure

CVE-2024-37287 CRITICAL

Elastic Kibana < 7.17.23 - Code Injection

CVE-2024-38989 CRITICAL

Bunt App < 0.29.26 - Prototype Pollution

CVE-2024-38983 CRITICAL

Alykoshin Mini-deep-assign - Prototype Pollution

CVE-2024-39012 CRITICAL

AIS Strategyen - Prototype Pollution

CVE-2024-39011 CRITICAL

Chargeover Redoc - Prototype Pollution

CVE-2024-39010 CRITICAL

Chasemoskal Snapstate - Prototype Pollution

CVE-2024-38986 CRITICAL

75lb Deep-merge < 1.1.2 - Prototype Pollution

CVE-2024-38984 CRITICAL

Lukebond Json-override - Prototype Pollution

CVE-2024-36572 CRITICAL

Allpro Form-Manager 0.7.4 - RCE

CVE-2024-33519 HIGH

HPE Aruba Networking EdgeConnect - RCE

CVE-2024-22443 HIGH

EdgeConnect SD-WAN Orchestrator - Command Injection

CVE-2024-39853 MEDIUM

Swiper - Prototype Pollution

CVE-2024-39018 MEDIUM

Cat5th Key-serializer - Prototype Pollution

CVE-2024-39016 HIGH

che3vinci c3/utils-1 - Prototype Pollution

CVE-2024-39014 CRITICAL

cahil/utils <2.3.2 - Code Injection

Previous Page 6 of 19 Next

Details

Vulnerabilities 473

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy