CVE-2024-38984
https://notcve.org/view.php?id=CVE-2024-38984
Prototype Pollution in lukebond json-override 0.2.0 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via the __proto__ property. • https://gist.github.com/mestrtee/97a9a7d73fc8b38fcf01322239dd5fb1 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVE-2024-41437
https://notcve.org/view.php?id=CVE-2024-41437
A heap buffer overflow in the function cp_unfilter() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file. • https://github.com/Helson-S/FuzzyTesting/tree/master/hicolor/heapof-r1-cp_unfilter-cute_png-1019c11 https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-r1-cp_unfilter-cute_png-1019c11/vulDescription.md https://github.com/Helson-S/FuzzyTesting/tree/master/hicolor/heapof-r1-cp_unfilter-cute_png-1019c11/poc https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-r1-cp_unfilter-cute_png-1019c11/poc/sample6.png https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/h •
CVE-2024-38983
https://notcve.org/view.php?id=CVE-2024-38983
Prototype Pollution in alykoshin mini-deep-assign v0.0.8 allows an attacker to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via the _assign() method at (/lib/index.js:91). • https://gist.github.com/mestrtee/f82d0c3a8fe3a125f06425caef5d22ed • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVE-2024-39010
https://notcve.org/view.php?id=CVE-2024-39010
This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. ... • https://gist.github.com/mestrtee/af7a746df91ab5e944bd7a186816c262 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVE-2024-41438
https://notcve.org/view.php?id=CVE-2024-41438
A heap buffer overflow in the function cp_stored() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file. • https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-r65280-cp_stored-cute_png-543c2 https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/heapof-r65280-cp_stored-cute_png-543c2/vulDescription.md https://github.com/Helson-S/FuzzyTesting/tree/master/hicolor/heapof-r65280-cp_stored-cute_png-543c2/poc https://github.com/Helson-S/FuzzyTesting/tree/master/hicolor/heapof-r65280-cp_stored-cute_png-543c2/poc/sample10.png https://github.com/Helson-S/FuzzyTesting/blob/master/hicolor/ • CWE-122: Heap-based Buffer Overflow •