2443 matches found
CVE-2019-10769
The provided data indicates CVE-2019-10769 affects the npm package safer-eval, which sandboxed evaluation uses the eval function. The vulnerability is described as Arbitrary Code Execution via generating a RangeError, with a detailed PoC published in the Huntr entry for safer-eval (1-NPM-SAFER-EV...
CVE-2019-10769
safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError...
@achil/parcel-bundler (>=1.11.1 <=1.12.34), @acies/core (>=1.2.89 <=1.2.215) +134 more potentially affected by CVE-2019-10769 via safer-eval (>=1.2.3 <=1.3.6)
safer-eval NPM version =1.2.3, =1.11.1, =1.2.89, =0.1.0, =4.0.0, =4.1.0, =4.1.2, =0.9.2-pre.41, =2.0.2, =1.0.0, =1.9.3, =0.3.0, =1.12.3, =1.0.0, =0.0.1, =3.4.4 and more Source cves: CVE-2019-10769 Source advisory: SNYK:JS-SAFEREVAL-534901...
Arbitrary Code Execution
Overview safer-eval is a safer approach for eval in node and browser. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError: Maximum call stack size exceeded. PoC by Jonathan Leitschuh const theFunction = function const f = Buffer.prototype.write...
EulerOS 2.0 SP2 : oprofile (EulerOS-SA-2019-2516)
According to the version of the oprofile packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell...
GHSA-6G88-VR3V-76MF Eval injection in Supybot/Limnoria
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
Eval injection in Supybot/Limnoria
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
Remote Code Execution (RCE)
limnoria is vulnerable to remote code execution RCE. The vulnerability exists as eval injection is possible through the unsafe eval function used in Math/plugin.py...
CVE-2019-19010
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
CVE-2019-19010
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
PYSEC-2019-102
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
PYSEC-2019-32
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
Sql injection
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
CVE-2019-19010
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
CVE-2019-19010
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
PYSEC-2019-102
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
UBUNTU-CVE-2019-19010
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
CVE-2019-19010
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
CVE-2019-19010
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
CVE-2019-19010
CVE-2019-19010 affects Limnoria (Limnoria/Math plugin) and Supybot, where eval injection in the Math plugin allows remote unauthenticated attackers to disclose information and potentially other impact via the calc and icalc commands. Affected versions include Limnoria before 2019.11.09 and Supybo...