CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

59 matches found

Tenable Nessus•added 2026/05/28 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-48761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-48761 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenabl...

5.5AI score0.00051EPSS

Exploits0References2

Snyk•added 2026/05/27 9:41 a.m.•10 views

Cross-site Scripting (XSS)

Overview symfony/symfony is a PHP framework for web applications and a set of reusable PHP components. Affected versions of this package are vulnerable to Cross-site Scripting XSS via HtmlSanitizer due to improper sanitization of URL attributes on object, applet, iframe, img and meta refresh. By...

6.1CVSS5.6AI score0.00051EPSS

Exploits0References2

Friends Of PHP•added 2026/05/20 8:0 a.m.•11 views

Arbitrary PHP code execution via `_self.(<string>)` macro-reference compilation

More info at https://symfony.com/cve-2026-46640...

5.8AI score0.00056EPSS

Exploits0Affected Software1

AstraLinux•added 2026/05/03 11:59 p.m.•11 views

Astra Linux – Vulnerability in symfony

Symfony is a PHP framework for web and console applications, along with a set of reusable PHP components. The Symfony HTTP cache system functions as a reverse proxy: it caches entire responses including headers and returns them to clients. In a recent change to the AbstractSessionListener,...

8.8CVSS7.7AI score0.00753EPSS

Exploits1References2

Veracode•added 2025/12/13 5:51 a.m.•2 views

Improper Input Validation

Symfony is vulnerable to improper input validation. The vulnerability is due to incorrect interpretation of PATHINFO in the Request class, which allows an attacker to bypass access control mechanisms by crafting URLs that do not start with a /...

7.3CVSS5.8AI score0.01297EPSS

Exploits0References6Affected Software2

CNNVD•added 2025/11/12 12:0 a.m.•4 views

Symfony 安全漏洞

Symfony is a PHP framework for web and console applications and a set of reusable PHP components from Symfony, Inc. A security vulnerability exists in Symfony versions prior to 5.4.50, 6.4.29, and 7.3.7, which stems from improper parsing of PATHINFO and could lead to bypassing access control rule...

7.3CVSS6.4AI score0.01297EPSS

Exploits0References6