Register
Login
Toggle navigation
SaaS Solutions
Vulnerability Intelligence
Pricing
Vulnerabilities
Reports
Blog
Contact Us
Main
Vulnerability Database
CWE List
With exploit
With patch
CWE-95 - Eval Injection
Description
The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").
Latest vulnerabilities for CWE-95
Eval Injection in Hitachi Energy MACH SCM
2024-04-26
Medium
Yes
Multiple vulnerabilities in Eaton Intelligent Power Manager
2021-04-21
Medium
Yes
References
Description of CWE-95 on Mitre website