CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8068 matches found

Tenable Nessus•added 2019/09/03 12:0 a.m.•31 views

Debian DLA-1905-1 : gosa security update

GOsa² used unserialize to restore filter settings from a cookie. Since this cookie was supplied by the client, authenticated users could have passed arbitrary content to unserialized, which opened GOsa² up to a potential PHP object injection. For Debian 8 'Jessie', this problem has been...

6.5CVSS7.8AI score0.01022EPSS

Exploits0References3

OpenVAS•added 2019/09/01 12:0 a.m.•76 views

Debian: Security Advisory (DLA-1905-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01022EPSS

Exploits0References3

OSV•added 2019/08/26 1:15 p.m.•17 views

CVE-2019-15521

Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie containing an object...

9.8CVSS7.5AI score

Exploits0References3

NVD•added 2019/08/26 1:15 p.m.•12 views

CVE-2019-15521

Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie containing an object...

9.8CVSS9.6AI score0.02482EPSS

Exploits0References3

Prion•added 2019/08/26 1:15 p.m.•15 views

Code injection

Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie containing an object...

7.5CVSS9.5AI score0.02482EPSS

Exploits0References3Affected Software2

Cvelist•added 2019/08/26 12:11 p.m.•12 views

CVE-2019-15521

Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie containing an object...

9.7AI score0.02482EPSS

Exploits0References3

CVE•added 2019/08/26 12:11 p.m.•45 views

CVE-2019-15521

CVE-2019-15521 affects Spoon Library up to 2014-02-06 as used in Fork CMS before 1.4.1 and other products. The vulnerability enables PHP object injection via a cookie containing a serialized object, allowing code execution under deserialization in spoon/cookie/cookie.php. Public sources (Red Hat,...

9.8CVSS9.6AI score0.02482EPSS

Exploits0References3Affected Software1

NVD•added 2019/08/22 8:15 p.m.•17 views

CVE-2018-20987

The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection...

9.8CVSS9.9AI score0.02129EPSS

Exploits0References2

OSV•added 2019/08/22 8:15 p.m.•4 views

CVE-2018-20987

The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection...

9.8CVSS5.8AI score0.02129EPSS

Exploits0References2

Prion•added 2019/08/22 8:15 p.m.•14 views

Design/Logic Flaw

The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection...

7.5CVSS9.7AI score0.02129EPSS

Exploits0References2Affected Software1

CVE•added 2019/08/22 7:4 p.m.•52 views

CVE-2018-20987

CVE-2018-20987 affects the Newsletters Lite WordPress plugin. The connected documents confirm a PHP object injection flaw in newsletters-lite before version 4.6.8.6, caused by an insecure deserialization condition in the plugin’s code path. This vulnerability can enable remote code execution or s...

9.8CVSS9.7AI score0.02129EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/08/22 7:4 p.m.•19 views

CVE-2018-20987

The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection...

9.9AI score0.02129EPSS

Exploits0References2

OSV•added 2019/08/22 2:15 p.m.•5 views

CVE-2019-15319

The option-tree plugin before 2.7.0 for WordPress has Object Injection by leveraging a valid nonce...

9.8CVSS5.8AI score0.02147EPSS

Exploits0References2