This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is…

This affects all versions of package node-import. The “params” argument of module function can be controlled by users without any sanitization.b. This is then provided…

All versions of package set-deep-prop are vulnerable to Prototype Pollution via the main functionality. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…

All versions of package @ianwalter/merge are vulnerable to Prototype Pollution via the main (merge) function. Maintainer suggests using @generates/merger instead. Zafiyet ile ilgili Genel Bilgi,…

The package otp-generator before 3.0.0 are vulnerable to Insecure Randomness due to insecure generation of random one-time passwords, which may allow a brute-force attack. Zafiyet…

A flaw was found in Openstack manilla owning a Ceph File system “share”, which enables the owner to read/write any manilla share or entire file…

Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Zafiyet…

Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.…

Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a…

Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL…