Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-3603

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called if such code is injected into the host project's scope by oth...

8.1CVSS6.8AI score0.0226EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/16 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-5956-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.99714EPSS
Exploits67References2
OpenVAS
OpenVAS
added 2023/03/16 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-5956-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.99714EPSS
Exploits67References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.12 views

Mageia: Security Advisory (MGASA-2021-0345)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.1AI score0.0226EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/07/12 12:0 a.m.30 views

FreeBSD : mantis -- multiple vulnerabilities (9b1699ff-d84c-11eb-92d6-1b6ff3dfe4d3)

Mantis 2.25.1 and 2.25.2 releases report : Security and maintenance release, PHPMailer update to 6.5.0 - 0028552: XSS in managecustomfieldeditpage.php CVE-2021-33557 - 0028821: Update PHPMailer to 6.5.0 CVE-2021-3603, CVE-2020-36326 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

9.8CVSS6.5AI score0.03095EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2021/06/28 12:0 a.m.19 views

Fedora: Security Advisory for php-phpmailer6 (FEDORA-2021-bfc34b3d5c)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2021/06/22 3:18 p.m.64 views

PHPMailer untrusted code may be run from an overridden address validator

If a function is defined that has the same name as the default built-in email address validation scheme php, it will be called in default configuration as when no validation scheme is provided, the default scheme's callable php was being called. If an attacker is able to inject such a function in...

8.1CVSS7.9AI score0.0226EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2021/06/17 12:9 p.m.116 views

CVE-2021-3603

PHPMailer CVE-2021-3603 affects PHPMailer 6.4.1 and earlier, where validateAddress() could call an untrusted function named php if patternselect is 'php' and a global function php exists. This occurs when user-provided input injects such a function into the host project scope. The issue is mitiga...

8.1CVSS7.9AI score0.0226EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2021/06/17 12:0 a.m.21 views

PHPMailer < 6.5.0 RCE Vulnerability

PHPMailer is prone to a remote code execution RCE vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

8.1CVSS8.4AI score0.0226EPSS
Exploits0References1
Friends Of PHP
Friends Of PHP
added 2021/06/16 4:20 p.m.45 views

RCE affecting Windows hosts via UNC paths to translation files

This is a security release. SECURITY Fixes CVE-2021-34551, a complex RCE affecting Windows hosts. See SECURITY.md for details. The fix for this issue changes the way that language files are loaded. While they remain in the same PHP-like format, they are processed as plain text, and any code in th...

8.1CVSS8AI score0.02803EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2021/06/16 4:20 p.m.37 views

Untrusted code may be run from an overridden address validator

This is a security release. SECURITY Fixes CVE-2021-34551, a complex RCE affecting Windows hosts. See SECURITY.md for details. The fix for this issue changes the way that language files are loaded. While they remain in the same PHP-like format, they are processed as plain text, and any code in th...

8.1CVSS8AI score0.02803EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2021/04/28 12:0 a.m.28 views

mantis -- multiple vulnerabilities

Mantis 2.25.1 and 2.25.2 releases report: Security and maintenance release, PHPMailer update to 6.5.0 0028552: XSS in managecustomfieldeditpage.php CVE-2021-33557 0028821: Update PHPMailer to 6.5.0 CVE-2021-3603, CVE-2020-36326...

9.8CVSS1.3AI score0.03095EPSS
Exploits1References3
Rows per page
Query Builder