CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-39012
https://notcve.org/view.php?id=CVE-2024-39012
This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. • https://gist.github.com/mestrtee/acfbd724a4b73bfb5d030575b653453c • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-41304
https://notcve.org/view.php?id=CVE-2024-41304
An arbitrary file upload vulnerability in the uploadFileAction() function of WonderCMS v3.4.3 allows attackers to execute arbitrary code via a crafted SVG file. • https://github.com/patrickdeanramos/WonderCMS-version-3.4.3-SVG-Stored-Cross-Site-Scripting • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-39011
https://notcve.org/view.php?id=CVE-2024-39011
Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via the function mergeObjects. • https://gist.github.com/mestrtee/693ef1c8b0a5ff1ae19f253381711f3e • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-38986
https://notcve.org/view.php?id=CVE-2024-38986
Prototype Pollution in 75lb deep-merge 1.1.1 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via merge methods of lodash to merge objects. • https://gist.github.com/mestrtee/b20c3aee8bea16e1863933778da6e4cb • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-38984
https://notcve.org/view.php?id=CVE-2024-38984
Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via the __proto__ property. • https://gist.github.com/mestrtee/97a9a7d73fc8b38fcf01322239dd5fb1 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •