49 matches found
EUVD-2024-1026
Malicious code in bioql PyPI...
EUVD-2024-51456
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-10074
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The mail transport aka Swift_Transport_MailTransport in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and...
CVE-2024-28859
Symfony1 is a community fork of symfony 1.4 with DIC, form enhancements, latest Swiftmailer, better performance, composer compatible and PHP 8 support. Symfony 1 has a gadget chain due to vulnerable Swift Mailer dependency that would enable an attacker to get remote code execution if a developer...
CVE-2024-13242
Exposed Dangerous Method or Function vulnerability in Drupal Swift Mailer allows Resource Location Spoofing. This issue affects Swift Mailer:...
CVE-2024-13242 Swift Mailer - Moderately critical - Access bypass - SA-CONTRIB-2024-006
Exposed Dangerous Method or Function vulnerability in Drupal Swift Mailer allows Resource Location Spoofing. This issue affects Swift Mailer:...
CVE-2024-13242
CVE-2024-13242 concerns the Drupal Swift Mailer module, where an Exposed Dangerous Method or Function vulnerability allows Resource Location Spoofing. The CVE entry covers Swift Mailer and notes a high-impact exposure (CVSS 3.1: 9.1, NETWORK, PRIVILEGES NONE, USER INTERACTION NONE) with potential...
Drupal security vulnerability
Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Swift Mailer, which stems from the inclusion of an Exposed Dangerous Method or Function vulnerability...
GHSA-XJW3-5R5C-M5PH typo3 Security fix for Flow Swift Mailer package
A remote code execution vulnerability has been found in the Swift Mailer library swiftmailer/swiftmailer recently. See this advisory for details. If you are not using the default mail transport, this particular problem does not affect you. Upgrading is of course still recommended!...
typo3 Security fix for Flow Swift Mailer package
A remote code execution vulnerability has been found in the Swift Mailer library swiftmailer/swiftmailer recently. See this advisory for details. If you are not using the default mail transport, this particular problem does not affect you. Upgrading is of course still recommended!...
GHSA-RQ6Q-HJVH-5MWH Flow Swift Mailer package Remote code execution
A remote code execution vulnerability has been found in the Swift Mailer library swiftmailer/swiftmailer recently. See this advisory for details. If you are not using the default mail transport, this particular problem does not affect you. Upgrading is of course still recommended!...
Flow Swift Mailer package Remote code execution
A remote code execution vulnerability has been found in the Swift Mailer library swiftmailer/swiftmailer recently. See this advisory for details. If you are not using the default mail transport, this particular problem does not affect you. Upgrading is of course still recommended!...
Remote Code Execution
friendsofsymfony1/symfony1 is vulnerable to Remote Code Execution. The vulnerability is due to the ability to abuse the destruct methods in Swift Mailer classes, which can be exploited to execute arbitrary PHP code if a developer unserializes untrusted user input...
Gadget chain in Symfony 1 due to vulnerable Swift Mailer dependency
Summary: Symfony 1 has a gadget chain due to a vulnerable Swift Mailer dependency that would enable an attacker to get remote code execution if a developer unserializes user input in his project. Details: This vulnerability presents no direct threat but is a vector that will enable remote code executio...
GHSA-WJV8-PXR6-5F4R Gadget chain in Symfony 1 due to vulnerable Swift Mailer dependency
Summary: Symfony 1 has a gadget chain due to a vulnerable Swift Mailer dependency that would enable an attacker to get remote code execution if a developer unserializes user input in his project. Details: This vulnerability presents no direct threat but is a vector that will enable remote code executio...
CVE-2024-28859 Gadget chain in Symfony 1 due to vulnerable Swift Mailer dependency
Symfony1 is a community fork of symfony 1.4 with DIC, form enhancements, latest Swiftmailer, better performance, composer compatible and PHP 8 support. Symfony 1 has a gadget chain due to vulnerable Swift Mailer dependency that would enable an attacker to get remote code execution if a developer...
CVE-2024-28859
Summary: CVE-2024-28859 describes a gadget-chain-based remote code execution in Symfony1 caused by a vulnerable Swift Mailer dependency. The chain relies on deserializing crafted Swift_KeyCache_DiskKeyCache objects containing a sfOutputEscaperArrayDecorator that uses a user-controlled value and a...