Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1321

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Parent: CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

473 vulnerabilities with CWE-1321

CVE-2024-32866 HIGH

Conform-to Dom < 1.1.1 - Prototype Pollution

CVE-2024-30564 CRITICAL

Andrei-tatar Nora-firebase-common < 1.12.3 - Prototype Pollution

CVE-2024-21509 MEDIUM

Sidorares Mysql2 < 3.9.4 - Prototype Pollution

CVE-2024-29650 CRITICAL

@thi.ng/paths <5.1.62 - RCE

CVE-2024-21505 HIGH

NPM Web3-utils < 4.2.1 - Prototype Pollution

CVE-2024-2495 MEDIUM

FriendlyWrt <2022-11-16.51b3d35 - Info Disclosure

CVE-2024-27307 CRITICAL

JSONata <1.8.7, >1.4.0 & <2.0.4 - RCE

CVE-2024-23339 MEDIUM

Elijahharry Hoolock < 2.2.1 - Prototype Pollution

CVE-2023-0163 HIGH

Mozilla Convict - Prototype Pollution

CVE-2023-39296 HIGH

Qnap Qts - Prototype Pollution

CVE-2023-46308 CRITICAL

Plotly <2.25.2 - Code Injection

CVE-2023-26920 MEDIUM

fast-xml-parser <4.1.2 - Info Disclosure

CVE-2023-26158 HIGH

mockjs - Prototype Pollution

CVE-2023-6293 HIGH

robinbuschmann/sequelize-typescript <2.1.6 - Info Disclosure

CVE-2023-45827 HIGH

Clickbar Dot-diver < 1.0.2 - Prototype Pollution

CVE-2023-1717 CRITICAL

Bitrix24 22.0.300 - RCE

CVE-2023-3965 MEDIUM

Saleswizard Nsc < 1.0 - XSS

CVE-2023-3962 MEDIUM

Myshopkit Winters < 1.4.3 - XSS

CVE-2023-3933 MEDIUM

Wiloke Your Journey < 1.9.8 - XSS

CVE-2023-45811 HIGH

Relative Synchrony < 2.4.4 - Prototype Pollution

CVE-2023-45282 HIGH

Nasa Openmct < 3.1.0 - Prototype Pollution

CVE-2023-38894 CRITICAL

Cronvel Tree-kit <0.7.4 - RCE

CVE-2023-26139 HIGH

underscore-keypath <0.0.11 - Prototype Pollution

CVE-2023-3696 CRITICAL

Mongoose < 5.13.20 - Prototype Pollution

CVE-2023-36665 CRITICAL

protobuf.js <7.2.5 - Prototype Pollution

Previous Page 8 of 19 Next

Details

Vulnerabilities 473

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy