Lucene search
K

2521 matches found

vulnersOsv
vulnersOsv
added 2019/12/06 8:40 p.m.6 views

@achil/parcel-bundler (>=1.11.1 <=1.12.34), @acies/core (>=1.2.89 <=1.2.215) +134 more potentially affected by CVE-2019-10769 via safer-eval (>=1.2.3 <=1.3.6)

safer-eval NPM version =1.2.3, =1.11.1, =1.2.89, =0.1.0, =4.0.0, =4.1.0, =4.1.2, =0.9.2-pre.41, =2.0.2, =1.0.0, =1.9.3, =0.3.0, =1.12.3, =1.0.0, =0.0.1, =3.4.4 and more Source cves: CVE-2019-10769 Source advisory: SNYK:JS-SAFEREVAL-534901...

9.8CVSS7.2AI score0.02574EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/12/04 12:0 a.m.28 views

EulerOS 2.0 SP2 : oprofile (EulerOS-SA-2019-2516)

According to the version of the oprofile packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell...

7.2CVSS5.5AI score0.01367EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2019/11/20 1:31 a.m.42 views

Eval injection in Supybot/Limnoria

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

9.8CVSS6.8AI score0.0171EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2019/11/20 1:31 a.m.27 views

GHSA-6G88-VR3V-76MF Eval injection in Supybot/Limnoria

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

9.8CVSS10AI score0.0171EPSS
Exploits0References9
Veracode
Veracode
added 2019/11/19 2:1 a.m.23 views

Remote Code Execution (RCE)

limnoria is vulnerable to remote code execution RCE. The vulnerability exists as eval injection is possible through the unsafe eval function used in Math/plugin.py...

9.8CVSS4.3AI score0.0171EPSS
Exploits0References9Affected Software2
NVD
NVD
added 2019/11/16 1:15 a.m.15 views

CVE-2019-19010

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

9.8CVSS10AI score0.0171EPSS
Exploits0References5
OSV
OSV
added 2019/11/16 1:15 a.m.20 views

CVE-2019-19010

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

9.8CVSS10AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2019/11/16 1:15 a.m.17 views

CVE-2019-19010

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

9.8CVSS7.3AI score0.0171EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2019/11/16 1:15 a.m.3 views

CVE-2019-19010

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

9.8CVSS8.5AI score0.0171EPSS
Exploits0References9
Prion
Prion
added 2019/11/16 1:15 a.m.17 views

Sql injection

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

7.5CVSS10AI score0.0171EPSS
Exploits0References5Affected Software2
PyPA
PyPA
added 2019/11/16 1:15 a.m.4 views

PYSEC-2019-102

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

9.8CVSS7.8AI score0.0171EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2019/11/16 1:15 a.m.35 views

PYSEC-2019-102

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

9.8CVSS7AI score0.0171EPSS
Exploits0References6
OSV
OSV
added 2019/11/16 1:15 a.m.1 views

UBUNTU-CVE-2019-19010

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

9.8CVSS7.3AI score0.0171EPSS
Exploits0References3
OSV
OSV
added 2019/11/16 1:15 a.m.13 views

PYSEC-2019-32

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

7AI score
Exploits0References5
Debian CVE
Debian CVE
added 2019/11/16 12:52 a.m.22 views

CVE-2019-19010

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

9.8CVSS10AI score0.0171EPSS
Exploits0
Cvelist
Cvelist
added 2019/11/16 12:52 a.m.21 views

CVE-2019-19010

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

10AI score0.0171EPSS
Exploits0References5
CVE
CVE
added 2019/11/16 12:52 a.m.121 views

CVE-2019-19010

CVE-2019-19010 affects Limnoria (Limnoria/Math plugin) and Supybot, where eval injection in the Math plugin allows remote unauthenticated attackers to disclose information and potentially other impact via the calc and icalc commands. Affected versions include Limnoria before 2019.11.09 and Supybo...

9.8CVSS9.9AI score0.0171EPSS
Exploits0References5Affected Software1
Node.js
Node.js
added 2019/11/15 3:27 p.m.15 views

Sandbox Breakout / Arbitrary Code Execution

Overview All versions of safe-eval are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to restrict access to the main context through Error objects. This may allow attackers to execute arbitrary code in the system. Evaluating the payload function var ex = new Erro...

8AI score
Exploits0Affected Software1
CNVD
CNVD
added 2019/11/07 12:0 a.m.3 views

LibSass Uncontrolled Recursion Vulnerability

LibSass is a C/C++ implementation of the Sass compiler. An uncontrolled recursion vulnerability exists in Sass::Eval::operator in eval.cpp in LibSass 3.6.1. No detailed vulnerability details are provided at this time...

6.5CVSS6.9AI score0.01512EPSS
Exploits1References1
OSV
OSV
added 2019/11/06 4:15 p.m.27 views

CVE-2019-18797

LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operatorSass::BinaryExpression in eval.cpp...

6.5CVSS6.7AI score
Exploits0References1
Rows per page
Query Builder