Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/04/06 10:30 a.m.19 views

CVE-2025-2244

A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write,...

9.5CVSS7.5AI score0.0103EPSS
Exploits0References3
circl
circl
added 2025/04/04 10:40 a.m.12 views

CVE-2025-2244

creationtimestamp| type| source ---|---|--- 2025-04-04 10:40:20+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3llya3ocjwm2s 2025-04-04 12:29:03+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114279693824501382 2025-04-04 12:29:03+00:00| seen|...

9.8CVSS8.9AI score0.0103EPSS
Exploits0References8
osv
osv
added 2025/04/04 10:15 a.m.3 views

CVE-2025-2244

A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write,...

9.8CVSS7.7AI score0.0103EPSS
Exploits0References1
cvelist
cvelist
added 2025/04/04 9:52 a.m.21 views

CVE-2025-2244 Insecure PHP deserialization issue in GravityZone Console (VA-12634)

A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write,...

9.5CVSS0.0103EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/04/04 9:52 a.m.11 views

CVE-2025-2244 Insecure PHP deserialization issue in GravityZone Console (VA-12634)

A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write,...

9.5CVSS7.7AI score0.0103EPSS
Exploits0References1
Rows per page
Query Builder