Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
safe vulnerabilities and exploits
(subscribe to this query)
891
VMScore
CVE-2017-16088
The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox.
Safe-eval Project Safe-eval 0.3.0
Safe-eval Project Safe-eval 0.0.0
Safe-eval Project Safe-eval 0.2.0
Safe-eval Project Safe-eval 0.1.0
2 Github repositories
668
VMScore
CVE-2010-1168
The Safe (aka Safe.pm) module prior to 2.25 for Perl allows context-dependent malicious users to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed ob...
Rafael Garcia-suarez Safe 2.08
Rafael Garcia-suarez Safe 2.17
Rafael Garcia-suarez Safe 2.18
Rafael Garcia-suarez Safe 2.15
Rafael Garcia-suarez Safe 2.16
Rafael Garcia-suarez Safe 2.23
Rafael Garcia-suarez Safe 2.24
Rafael Garcia-suarez Safe 2.13
Rafael Garcia-suarez Safe 2.14
Rafael Garcia-suarez Safe 2.21
Rafael Garcia-suarez Safe 2.22
Rafael Garcia-suarez Safe 2.09
Rafael Garcia-suarez Safe 2.11
Rafael Garcia-suarez Safe 2.19
Rafael Garcia-suarez Safe 2.20
383
VMScore
CVE-2020-22789
Unauthenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta allows a remote malicious user to gain admin privileges by injecting arbitrary web script or HTML via the login page. The XSS is executed when an administrator accesses the logs.
Safe Fme Server 2019.0
Safe Fme Server 2019.1
Safe Fme Server 2019.2
Safe Fme Server 2020.0
312
VMScore
CVE-2020-22790
Authenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta allows a remote malicious user to execute codeby injecting arbitrary web script or HTML via modifying the name of the users. The XSS is executed when an administrator access the logs.
Safe Fme Server 2019.0
Safe Fme Server 2019.1
Safe Fme Server 2019.2
Safe Fme Server 2020.0
668
VMScore
CVE-2022-28481
CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection.
Csv-safe Project Csv-safe
668
VMScore
CVE-2020-7710
This affects all versions of package safe-eval. It is possible for an malicious user to run an arbitrary command on the host machine.
Safe-eval Project Safe-eval
668
VMScore
CVE-2020-7726
All versions of package safe-object2 are vulnerable to Prototype Pollution via the setter function.
Safe-object2 Project Safe-object2
NA
CVE-2023-26121
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.
Safe-eval Project Safe-eval
1 Github repository
NA
CVE-2023-26122
All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution ("RCE"). **Vulnerable funct...
Safe-eval Project Safe-eval
1 Github repository
668
VMScore
CVE-2018-21000
An issue exists in the safe-transmute crate prior to 0.10.1 for Rust. A constructor's arguments are in the wrong order, causing heap memory corruption.
Safe-transmute Project Safe-transmute
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »