Writeup Exploits

63,730 exploits tracked across all sources.

Sort: Activity Stars
CVE-2022-37264 WRITEUP CRITICAL
stealjs steal 2.2.4 - Prototype Pollution via optionName Variable
Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js.
CVSS 9.8
CVE-2022-37265 WRITEUP CRITICAL
stealjs steal 2.2.4 - Prototype Pollution via Alias Variable in babel.js
Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js.
CVSS 9.8
CVE-2022-37266 WRITEUP CRITICAL
stealjs steal - Prototype Pollution via babel.js extend Function
Prototype pollution vulnerability in function extend in babel.js in stealjs steal 2.2.4 via the key variable in babel.js.
CVSS 9.8
CVE-2022-37298 WRITEUP CRITICAL
Shinken Monitoring 2.4.3 - Improper Authentication via SafeUnpickler
Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. The SafeUnpickler class found in shinken/safepickle.py implements a weak authentication scheme when unserializing objects passed from monitoring nodes to the Shinken monitoring server.
CVSS 9.8
CVE-2022-37434 WRITEUP CRITICAL
zlib <= 1.2.12 - Heap-Based Buffer Overflow in inflate via Large Gzip Header Extra Field
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
CVSS 9.8
CVE-2022-37434 WRITEUP CRITICAL
zlib <= 1.2.12 - Heap-Based Buffer Overflow in inflate via Large Gzip Header Extra Field
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
CVSS 9.8
CVE-2022-37434 WRITEUP CRITICAL
zlib <= 1.2.12 - Heap-Based Buffer Overflow in inflate via Large Gzip Header Extra Field
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
CVSS 9.8
CVE-2022-37598 WRITEUP CRITICAL
UglifyJS 3.13.2 - Prototype Pollution via DEFNODE Function Name Variable
Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report.
CVSS 9.8
CVE-2022-37599 WRITEUP HIGH
webpack.js loader-utils 1.0.0-1.4.1 - Regular Expression Denial of Service in interpolateName Function
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js.
CVSS 7.5
CVE-2022-37602 WRITEUP CRITICAL
grunt-karma 4.0.1 - Prototype Pollution via Key Variable
Prototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js.
CVSS 9.8
CVE-2022-37603 WRITEUP HIGH
webpack.js loader-utils < 1.4.2 - Regular Expression Denial of Service in interpolateName Function
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js.
CVSS 7.5
CVE-2022-37609 WRITEUP CRITICAL
js-beautify 1.13.7 - Prototype Pollution via Name Variable in options.js
Prototype pollution vulnerability in beautify-web js-beautify 1.13.7 via the name variable in options.js.
CVSS 9.8
CVE-2022-37611 WRITEUP CRITICAL
gh-pages < 5.0.0 - Prototype Pollution via Partial Variable in util.js
Prototype pollution vulnerability in tschaub gh-pages 3.1.0 via the partial variable in util.js.
CVSS 9.8
CVE-2022-37614 WRITEUP CRITICAL
mockery - Prototype Pollution via Key Variable in enable Function
Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js.
CVSS 9.8
CVE-2022-37616 WRITEUP CRITICAL
xmldom < 0.8.3 - Prototype Pollution via p Variable in copy Function
A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. NOTE: the vendor states "we are in the process of marking this report as invalid"; however, some third parties takes the position that "A prototype injection/Prototype pollution is not just when global objects are polluted with recursive merge or deep cloning but also when a target object is polluted."
CVSS 9.8
CVE-2022-37617 WRITEUP CRITICAL
browserify-shim < 3.8.16 - Prototype Pollution via resolveShims Function
Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the k variable in resolve-shims.js.
CVSS 9.8
CVE-2022-37621 WRITEUP CRITICAL
browserify-shim < 3.8.16 - Prototype Pollution via resolveShims fullPath Variable
Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the fullPath variable in resolve-shims.js.
CVSS 9.8
CVE-2022-37623 WRITEUP CRITICAL
browserify-shim < 3.8.16 - Prototype Pollution via resolveShims Function
Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the shimPath variable in resolve-shims.js.
CVSS 9.8
CVE-2022-3766 WRITEUP MEDIUM
phpmyfaq < 3.1.8 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVSS 6.1
CVE-2022-3766 WRITEUP MEDIUM
phpmyfaq < 3.1.8 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVSS 6.1
CVE-2022-38181 WRITEUP HIGH
Arm Mali GPU kernel driver - Memory Corruption
The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.
CVSS 8.8
CVE-2022-38553 WRITEUP MEDIUM
Academy Learning Management System <5.9.1 - XSS
Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter.
CVSS 6.1
CVE-2022-38580 WRITEUP CRITICAL
Zalando Skipper < 0.13.237 - Server-Side Request Forgery
Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF).
CVSS 9.8
CVE-2022-38627 WRITEUP CRITICAL
Nortek Linear eMerge E3-Series <0.32-09 - SQL Injection
Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter.
CVSS 9.8
CVE-2022-38766 WRITEUP HIGH
Renault ZOE E-Tech Firmware - Authentication Bypass via Replay Attack
The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack.
CVSS 8.1