Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-95

CWE-95

Medium likelihood

Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

Parent: CWE-94 - Improper Control of Generation of Code ('Code Injection')

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").

126 vulnerabilities with CWE-95

CVE-2024-32649 MEDIUM

Vyper <0.3.10 - Code Injection

CVE-2024-32647 MEDIUM

Vyper <0.3.10 - Code Injection

CVE-2024-31996 CRITICAL

XWiki Platform <4.10.19, <15.5.4, <15.10-rc-1 - RCE

CVE-2024-31986 CRITICAL

XWiki Platform <4.10.19-15.10-rc-1 - RCE

CVE-2024-31984 CRITICAL

XWiki Platform <4.10.20, 15.5.4, 15.10-rc-1 - RCE

CVE-2024-31982 CRITICAL

XWiki Platform <4.10.20,15.5.4,15.10-rc-1 - RCE

CVE-2024-31465 CRITICAL

Xwiki < 14.10.20 - Code Injection

CVE-2024-21650 CRITICAL

XWiki < 4.10.20 - Remote code execution

CVE-2023-26323 HIGH

Xiaomi App Market - RCE

CVE-2023-7245 HIGH

OpenVPN Connect <3.4.3/3.4.7 - RCE

CVE-2023-50447 HIGH

Python Pillow < 10.1.0 - Code Injection

CVE-2023-6735 HIGH

Checkmk < 2.0.0 - Improper Privilege Management

CVE-2023-7224 HIGH

Openvpn Connect < 3.4.6 - Code Injection

CVE-2023-7101 HIGH KEV

Jmcnamara Spreadsheet < 0.65 - Code Injection

CVE-2023-50723 CRITICAL

Xwiki < 14.10.5 - Code Injection

CVE-2023-50721 CRITICAL

Xwiki < 14.10.5 - Code Injection

CVE-2023-48699 HIGH

fastbots <0.1.5 - RCE

CVE-2023-46731 CRITICAL

XWiki Platform - Code Injection

CVE-2023-37909 CRITICAL

Xwiki < 14.10.8 - Code Injection

CVE-2023-40177 CRITICAL

Xwiki < 14.10.5 - Code Injection

CVE-2023-37462 CRITICAL

Xwiki < 14.4.8 - Injection

CVE-2023-35152 CRITICAL

Xwiki < 14.4.8 - Code Injection

CVE-2023-35150 CRITICAL

Xwiki < 14.4.8 - Code Injection

CVE-2023-30537 CRITICAL

Xwiki < 13.10.11 - Code Injection

CVE-2023-29511 CRITICAL

XWiki Platform - RCE

Previous Page 4 of 6 Next

Details

Vulnerabilities 126

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy