CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2486 matches found

Positive Technologies•added 2025/10/15 12:0 a.m.•5 views

PT-2025-42214

The WordPress plugin is-human = v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution of...

9.3CVSS8.2AI score0.00436EPSS

Exploits0References6

Snyk•added 2025/10/14 6:44 p.m.•3 views

Eval Injection

Overview isaaclab is an Isaac Lab Affected versions of this package are vulnerable to Eval Injection via the SB3 configuration parsing. An attacker can execute arbitrary code, escalate privileges, cause denial of service, disclose sensitive information, or tamper with data by providing a speciall...

8.5CVSS7.7AI score0.00146EPSS

Exploits0References2

Veracode•added 2025/10/08 8:40 p.m.•10 views

Use After Free

Redis is vulnerable to a Use-after-free in. The vulnerability is due to improper memory handling in the Lua garbage collector due to crafted Lua scripts, and attackers can exploit this by executing malicious EVAL or EVALSHA commands...

9.9CVSS7AI score0.86268EPSS

Exploits14References7Affected Software4

NVD•added 2025/10/07 4:15 p.m.•3 views

CVE-2022-50536

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sockput when msg has moredata In tcpbpfsendverdict redirection, the eval variable is assigned to SKREDIRECT after the applybytes data is sent, if msg has moredata, sockput will be called multip...

7.8CVSS0.00154EPSS

Exploits0References6

CVE•added 2025/10/07 3:21 p.m.•15 views

CVE-2022-50536

CVE-2022-50536 affects the Linux kernel’s BPF sockmap path. In tcp_bpf_send_verdict() redirection, the eval variable is set to __SK_REDIRECT after sending apply_bytes data; if msg.has_more_data, sock_put() can be called multiple times, risking a use-after-free via refcount misuse. The issue is fi...

7.8CVSS6.1AI score0.00154EPSS

Exploits0References6Affected Software1

OSV•added 2025/10/07 2:39 a.m.•1 views

MAL-2025-47942 Malicious code in solarpeng_node_eval (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d1e85f15a5e94e61b12759aeb924685d04a4755d7de2f57df2a81ba1c8cd549 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1