Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Github Security Blog
Github Security Blogadded 2026/06/17 6:35 p.m.7 views

Duplicate Advisory: picklescan missing detection by simple obfuscation of a `builtins.eval` call

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9m3x-qqw2-h32h. This link is maintained to preserve external references. Original Description picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to execute...

9.8CVSS6AI score0.00519EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2026/06/17 5:17 p.m.10 views

CVE-2026-53874

picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to execute arbitrary code by hiding eval calls nested under callable objects via getattr. Attackers can embed malicious code in pickle files that evades detection but executes when the pickle i...

9.8CVSS0.00519EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2019-7938

Malware in sbrugna...

9.8CVSS9.2AI score0.02857EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/05/22 9:16 a.m.6 views

CVE-2019-17613

qibosoft 7 allows remote code execution because do/jf.php makes eval calls. The attacker can use the Point Introduction Management feature to supply PHP code to be evaluated. Alternatively, the attacker can access admin/index.php?lfj=jfadmin=addjf via CSRF, as demonstrated by a payload in the...

9.8CVSS7.9AI score0.02857EPSS
Exploits1References1
CVE
CVEadded 2019/10/15 10:56 p.m.59 views

CVE-2019-17613

CVE-2019-17613 affects qibosoft 7. The vulnerability is due to do/jf.php performing eval on input, enabling remote code execution. An attacker can leverage the Point Introduction Management feature to inject PHP code to be evaluated, or exploit CSRF via admin/index.php?lfj=jfadmin&action=addjf (p...

9.8CVSS9.6AI score0.02857EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2011/03/02 8:0 p.m.22 views

CVE-2011-0051

Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges...

6.8CVSS6.2AI score0.01823EPSS
Exploits1References8
Cvelist
Cvelistadded 2011/03/02 7:0 p.m.22 views

CVE-2011-0051

Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges...

9.4AI score0.01823EPSS
Exploits1References8
securityvulns
securityvulnsadded 2006/02/13 12:0 a.m.41 views

HiveMail <= 1.3 Multiple Vulnerabilities

GulfTech Security Research February 10, 2006 Vendor : HiveMail URL : http://www.hivemail.com/ Version : HiveMail = 1.3 Risk : Multiple Vulnerabilities Description: HiveMail is a powerful web-based email program that allows you to offer personal email accounts to your visitors. This makes HiveMail...

0.4AI score
Exploits0
Rows per page
Query Builder