Exploit for Improper Certificate Validation in Apache Http_Server

Uefiscdi-Gov-Ro-Vulnerability- UNTESTED PAYLOADS, WAF-BYPASS,...

Exploit for CVE-2025-54322

CVE-2025-54322 - XSpeeder SXZOS Pre-Auth RCE Scanner !Licen...

CVE-2025-13711

Tencent TFace eval Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent TFace. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2025-13711 Tencent TFace eval Deserialization of Untrusted Data Remote Code Execution Vulnerability

Tencent TFace eval Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent TFace. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2025-13307

The Ocean Modal Window WordPress plugin before 2.3.3 is vulnerable to Remote Code Execution via the modal display logic. These modals can be displayed under user-controlled conditions that Editors and Administrators can set editpages capability. The conditions are then executed as part of an eval...

CVE-2025-13307

CVE-2025-13307 affects the Ocean Modal Window WordPress plugin (versions before 2.3.3). The vulnerability arises from modal display logic that can be triggered by user-controlled conditions set by Editors/Administrators (edit_pages capability). These conditions are evaluated in an eval statement ...

Mozilla Firefox < 3.0.6

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 3.0.6. It is, therefore, affected by a vulnerability as referenced in the mfsa2009-02 advisory. - Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass...

megatron-bridge (>=0.1.0rc0 <=0.3.1), nemo-eval (>=0.1.0rc1 <=0.2.0rc0) +1 more potentially affected by CVE-2025-33225 via nvidia-resiliency-ext (>=0.3.0 <=0.4.1)

nvidia-resiliency-ext PYPI version =0.3.0, =0.1.0rc0, =0.1.0rc1, =0.1.0, =0.4.0 Source cves: CVE-2025-33225 Source advisory: SNYK:PYTHON-NVIDIARESILIENCYEXT-14459109...

nemo-eval (>=0.1.0rc1 <=0.1.0rc2), nemo-export-deploy (>=0.1.0 <=0.2.0rc1) potentially affected by CVE-2025-33235 via nvidia-resiliency-ext (=0.3.0)

nvidia-resiliency-ext PYPI version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on nvidia-resiliency-ext and may be impacted: - nemo-eval =0.1.0rc1, =0.1.0, =0.2.0rc1 Source cves: CVE-2025-33235 Source advisory:...

ROOT-APP-NPM-CVE-2025-13204 CVE-2025-13204 in @rootio/expr-eval - Patched by Root

Root has patched CVE-2025-13204 in the @rootio/expr-eval package for Root:npm. Multiple fixed versions available...

ROOT-APP-NPM-CVE-2025-12735 CVE-2025-12735 in @rootio/expr-eval - Patched by Root

Root has patched CVE-2025-12735 in the @rootio/expr-eval package for Root:npm. Multiple fixed versions available...

SnailJob 安全漏洞

SnailJob is a flexible, reliable and efficient distributed task retrying and task scheduling platform from aizuda open source. A security vulnerability exists in SnailJob 1.6.0 and earlier versions, which stems from a change to the file...

TorchGeo Remote Code Execution Vulnerability

Impact TorchGeo 0.4–0.6.0 used an ""eval"" https://docs.python.org/3/library/functions.htmleval statement in its model weight API that could allow an unauthenticated, remote attacker to execute arbitrary commands. All platforms that expose ""torchgeo.models.getweight""...

CVE-2025-65530

An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file...

Lightning Flow Scanner Vulnerable to Code Injection via Unsafe Use of `new Function()` in APIVersion Rule

Impact The APIVersion rule uses new Function to evaluate expression strings. A malicious crafted flow metadata file can cause arbitrary JavaScript execution during scanning. An attacker could execute arbitrary JavaScript during a scan by supplying a malicious expression within rule configuration ...

EUVD-2025-203095

An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file...

CVE-2025-65530

An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file...

CVE-2025-65530

An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file...

CVE-2025-65530

An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file...

CVE-2025-65530

CVE-2025-65530 describes an eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit, affecting versions prior to 32.7.4. The vulnerability enables attackers to overwrite arbitrary files as root by scanning a crafted file, as stated in Red Hat, ENISA, NVD, CIRCL, CVE List, and...