4 matches found
Remote Code Execution (RCE)
dedoc/scramble is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsafe evaluation of user-controlled input during documentation generation, which allows an attacker to execute arbitrary PHP code in the application context...
Pymatgen Security Vulnerability
pymatgen is an open source Python library for material analysis. A security vulnerability exists in versions of Pymatgen prior to 2024.2.20. It stems from the unsafe use of the eval function to process input, which enables the execution of arbitrary code when parsing untrusted input...
CVE-2022-46161 Code injection in pdfmake
pdfmake is an open source client/server side PDF printing library in pure JavaScript. In versions up to and including 0.2.5, pdfmake contains an unsafe evaluation of user-controlled input. Users of pdfmake are thus subject to arbitrary code execution in the context of the process running the pdfmake code...
PT-2022-27778 · Pdfmake · Pdfmake
Name of the Vulnerable Software and Affected Versions: pdfmake versions up to and including 0.2.5. Description: pdfmake contains an unsafe evaluation of user-controlled input, which can lead to arbitrary code execution in the context of the process running the pdfmake code. Users are advised to...