Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/04/06 10:30 a.m.17 views

CVE-2025-2244

A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write,...

9.5CVSS7.5AI score0.0103EPSS
Exploits0References3
Circl
Circl
added 2025/04/04 10:40 a.m.10 views

CVE-2025-2244

creationtimestamp| type| source ---|---|--- 2025-04-04 10:40:20+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3llya3ocjwm2s 2025-04-04 12:29:03+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114279693824501382 2025-04-04 12:29:03+00:00| seen|...

9.8CVSS8.9AI score0.0103EPSS
Exploits0References8
OSV
OSV
added 2025/04/04 10:15 a.m.3 views

CVE-2025-2244

A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write,...

9.8CVSS7.7AI score0.0103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/04 9:52 a.m.10 views

CVE-2025-2244 Insecure PHP deserialization issue in GravityZone Console (VA-12634)

A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write,...

9.5CVSS7.7AI score0.0103EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/04 9:52 a.m.18 views

CVE-2025-2244 Insecure PHP deserialization issue in GravityZone Console (VA-12634)

A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write,...

9.5CVSS0.0103EPSS
Exploits0References1
Rows per page
Query Builder