Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.24 views

Ubuntu 16.04 ESM : Smarty vulnerabilities (USN-5348-2)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5348-2 advisory. USN-5348-1 fixed several vulnerabilities in Smarty. This update provides the fixes for CVE-2021-21408, CVE-2021-26119, CVE-2021-26120 and CVE-2021-29454...

9.8CVSS6.7AI score0.82316EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.37 views

Ubuntu 20.04 ESM : Smarty vulnerabilities (USN-5348-3)

The remote Ubuntu 20.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5348-3 advisory. USN-5348-1 fixed several vulnerabilities in Smarty. This update provides the fixes for CVE-2021-21408, CVE-2021-26119, CVE-2021-26120 and CVE-2021-29454...

9.8CVSS6.7AI score0.82316EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-5348-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.82316EPSS
Exploits4References2
Ubuntu
Ubuntu
added 2022/06/21 3:29 p.m.70 views

USN-5348-3: Smarty vulnerabilities

USN-5348-1 fixed several vulnerabilities in Smarty. This update provides the fixes for CVE-2021-21408, CVE-2021-26119, CVE-2021-26120 and CVE-2021-29454 for Ubuntu 20.04 ESM. Original advisory details: David Gnedt and Thomas Konrad discovered that Smarty was incorrectly sanitizing the paths prese...

9.8CVSS7.2AI score0.82316EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2022/05/31 12:0 a.m.43 views

Debian DSA-5151-1 : smarty3 - security update

The remote Debian 10 / 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5151 advisory. - Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. Prior to versions 3.1.43 and 4.0.3,...

9.8CVSS7AI score0.82316EPSS
Exploits3References15
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2021-0335)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.82316EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2021/10/06 12:0 a.m.43 views

FreeBSD : Bacula-Web -- Multiple Vulnerabilities (f05dbd1f-2599-11ec-91be-001b217b3468)

Bacula-Web reports : Address Smarty CVE %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2021 Jacques Vidrine and contributors Redistribution and use in source VuXML and...

9.8CVSS6.2AI score0.82316EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2021/05/27 12:0 a.m.35 views

GLSA-202105-06 : Smarty: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202105-06 Smarty: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Smarty template engine. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE...

9.8CVSS6.6AI score0.82316EPSS
Exploits2References3
Debian
Debian
added 2021/04/05 6:25 a.m.81 views

[SECURITY] [DLA 2618-1] smarty3 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2618-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA April 05, 2021 https://wiki.debian.org/LTS -...

9.8CVSS9.3AI score0.82316EPSS
Exploits3
NVD
NVD
added 2021/02/22 2:15 a.m.11 views

CVE-2021-26120

Smarty before 3.1.39 allows code injection via an unexpected function name after a function name= substring...

9.8CVSS0.82316EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2021/02/22 2:15 a.m.56 views

CVE-2021-26120

Smarty before 3.1.39 allows code injection via an unexpected function name after a function name= substring...

9.8CVSS6.6AI score0.82316EPSS
Exploits1References5
CVE
CVE
added 2021/02/22 1:38 a.m.161 views

CVE-2021-26120

Smarty PHP template engine prior to version 3.1.39 is affected by CVE-2021-26120, which can enable code injection via an unexpected {function name= substring}. The issue is addressed in updates to Smarty3 (e.g., upgrading to 3.1.39+ or package updates in Fedora/Debian/Mageia). Remediation is to u...

9.8CVSS9.4AI score0.82316EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2021/02/22 1:38 a.m.21 views

CVE-2021-26120

Smarty before 3.1.39 allows code injection via an unexpected function name after a function name= substring...

9.8CVSS6.4AI score0.82316EPSS
Exploits1
Circl
Circl
added 2021/02/19 12:13 p.m.8 views

CVE-2021-26120

creationtimestamp| type| source ---|---|--- 2021-02-19 12:13:23+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2740...

9.8CVSS6.4AI score0.82316EPSS
Exploits1References1
Rows per page
Query Builder