Exploit Database
144,178 exploits tracked across all sources.
UglifyJS 3.13.2 - Prototype Pollution via DEFNODE Function Name Variable
Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report.
CVSS 9.8
webpack.js loader-utils 1.0.0-1.4.1 - Regular Expression Denial of Service in interpolateName Function
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js.
CVSS 7.5
grunt-karma 4.0.1 - Prototype Pollution via Key Variable
Prototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js.
CVSS 9.8
webpack.js loader-utils < 1.4.2 - Regular Expression Denial of Service in interpolateName Function
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js.
CVSS 7.5
js-beautify 1.13.7 - Prototype Pollution via Name Variable in options.js
Prototype pollution vulnerability in beautify-web js-beautify 1.13.7 via the name variable in options.js.
CVSS 9.8
gh-pages < 5.0.0 - Prototype Pollution via Partial Variable in util.js
Prototype pollution vulnerability in tschaub gh-pages 3.1.0 via the partial variable in util.js.
CVSS 9.8
mockery - Prototype Pollution via Key Variable in enable Function
Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js.
CVSS 9.8
xmldom < 0.8.3 - Prototype Pollution via p Variable in copy Function
A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. NOTE: the vendor states "we are in the process of marking this report as invalid"; however, some third parties takes the position that "A prototype injection/Prototype pollution is not just when global objects are polluted with recursive merge or deep cloning but also when a target object is polluted."
CVSS 9.8
browserify-shim < 3.8.16 - Prototype Pollution via resolveShims Function
Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the k variable in resolve-shims.js.
CVSS 9.8
browserify-shim < 3.8.16 - Prototype Pollution via resolveShims fullPath Variable
Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the fullPath variable in resolve-shims.js.
CVSS 9.8
browserify-shim < 3.8.16 - Prototype Pollution via resolveShims Function
Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the shimPath variable in resolve-shims.js.
CVSS 9.8
phpmyfaq < 3.1.8 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVSS 6.1
phpmyfaq < 3.1.8 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVSS 6.1
Arm Mali GPU kernel driver - Memory Corruption
The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.
CVSS 8.8
Academy Learning Management System <5.9.1 - XSS
Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter.
CVSS 6.1
Zalando Skipper < 0.13.237 - Server-Side Request Forgery
Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF).
CVSS 9.8
Nortek Linear eMerge E3-Series <0.32-09 - SQL Injection
Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter.
CVSS 9.8
Renault ZOE E-Tech Firmware - Authentication Bypass via Replay Attack
The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack.
CVSS 8.1
Airties Smart Wi-Fi <2020-08-04 - SSRF
An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference.
CVSS 9.1
Grafana 5.0.0-beta1-8.5.13 - Unauthorized Cookie Exposure to Plugins
Grafana is an open source observability and data visualization platform. Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and 9.1.8, Grafana could leak the authentication cookie of users to plugins. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. The destination plugin could receive a user's Grafana authentication cookie. Versions 9.1.8 and 8.5.14 contain a patch for this issue. There are no known workarounds.
CVSS 6.8
go-cvss 0.2.0-0.3.x - Out-of-Bounds Read in CVSS v2.0 Vector Parser
go-cvss is a Go module to manipulate Common Vulnerability Scoring System (CVSS). In affected versions when a full CVSS v2.0 vector string is parsed using `ParseVector`, an Out-of-Bounds Read is possible due to a lack of tests. The Go module will then panic. The problem is patched in tag `v0.4.0`, by the commit `d9d478ff0c13b8b09ace030db9262f3c2fe031f4`. Users are advised to upgrade. Users unable to upgrade may avoid this issue by parsing only CVSS v2.0 vector strings that do not have all attributes defined (e.g. `AV:N/AC:L/Au:N/C:P/I:P/A:C/E:U/RL:OF/RC:C/CDP:MH/TD:H/CR:M/IR:M/AR:M`). As stated in [SECURITY.md](https://github.com/pandatix/go-cvss/blob/master/SECURITY.md), the CPE v2.3 to refer to this Go module is `cpe:2.3:a:pandatix:go_cvss:*:*:*:*:*:*:*:*`. The entry has already been requested to the NVD CPE dictionary.
CVSS 7.5
Combodo iTop < 2.7.8 - Authenticated Account Takeover via Username Knowledge
Combodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, a user who can log in on iTop is able to take over any account just by knowing the account's username. This issue is fixed in versions 2.7.8 and 3.0.2-1.
CVSS 9.6
Combodo iTop <2.7.8 & <3.0.2-1 - Info Disclosure
Combodo iTop is an open source, web-based IT service management platform. Prior to versions 2.7.8 and 3.0.2-1, the reset password token is generated without any randomness parameter. This may lead to account takeover. The issue is fixed in versions 2.7.8 and 3.0.2-1.
CVSS 7.4
python-jwt < 3.3.4 - Authentication Bypass by Spoofing
python-jwt is a module for generating and verifying JSON Web Tokens. Versions prior to 3.3.4 are subject to Authentication Bypass by Spoofing, resulting in identity spoofing, session hijacking or authentication bypass. An attacker who obtains a JWT can arbitrarily forge its contents without knowing the secret key. Depending on the application, this may for example enable the attacker to spoof other user's identities, hijack their sessions, or bypass authentication. Users should upgrade to version 3.3.4. There are no known workarounds.
CVSS 9.1
python-jwt < 3.3.4 - Authentication Bypass by Spoofing
python-jwt is a module for generating and verifying JSON Web Tokens. Versions prior to 3.3.4 are subject to Authentication Bypass by Spoofing, resulting in identity spoofing, session hijacking or authentication bypass. An attacker who obtains a JWT can arbitrarily forge its contents without knowing the secret key. Depending on the application, this may for example enable the attacker to spoof other user's identities, hijack their sessions, or bypass authentication. Users should upgrade to version 3.3.4. There are no known workarounds.
CVSS 9.1
By Source