143 matches found
PT-2018-12889 · Laravel · Laravel Framework
Name of the Vulnerable Software and Affected Versions: Laravel Framework versions 5.5.0 through 5.5.40 Laravel Framework versions 5.6.0 through 5.6.29 Description: Remote code execution might occur due to an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This issue involves the...
Laravel Framework Unserialize Token RCE (CVE-2018-15133)
In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in...
CVE-2001-0081
swinit in nCipher does not properly disable the Operator Card Set recovery feature even when explicitly disabled by the user, which could allow attackers to gain access to application keys...