Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/05/23 8:16 a.m.1 views

CVE-2024-36611

In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic...

7.5CVSS5.9AI score0.00097EPSS
Exploits0References1
OSV
OSVadded 2024/11/29 7:15 p.m.2 views

DEBIAN-CVE-2024-36611

In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic...

7.5CVSS5.4AI score0.00097EPSS
Exploits0References1
OSV
OSVadded 2024/11/29 7:15 p.m.2 views

CVE-2024-36611

In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic...

7.5CVSS7.6AI score
Exploits0References5
OSV
OSVadded 2024/11/29 7:15 p.m.0 views

UBUNTU-CVE-2024-36611

In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic...

7.5CVSS5.8AI score0.00097EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2024/11/29 12:0 a.m.4 views

PT-2024-27093 · Symfony · Symfony

Name of the Vulnerable Software and Affected Versions: Symfony version 7.0.3 Description: A deserialization vulnerability is reported to exist in the Stub class of the VarDumper module in Symfony. The issue stems from deficiencies in handling properties with null or uninitialized values,...

9.8CVSS6.8AI score
Exploits0References15
Schneier on Security
Schneier on Securityadded 2024/02/09 6:10 p.m.13 views

No, Toothbrushes Were Not Used in a Massive DDoS Attack

The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false. Near as I can tell, a German reporter talking to someone at Fortinet got it wrong, and then everyone else ran with it without reading the German text. It was a hypothetical, whi...

7.2AI score
Exploits0
OSV
OSVadded 2021/05/31 3:39 p.m.7 views

UVI-2021-1000138 ext4: fix check to prevent false positive report of incorrect used inodes

ext4: fix check to prevent false positive report of incorrect used inodes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.36 by commit...

7.2AI score
Exploits0
OSV
OSVadded 2019/11/26 6:15 p.m.1 views

CVE-2019-17590

The csrfcallback function in the CSRF Magic library through 2016-03-27 is vulnerable to CSRF protection bypass as it allows one to tamper with the csrf token values. A remote attacker can exploit this by crafting a malicious page and dispersing it to a victim via social engineering, enticing them...

8.8CVSS7.3AI score
Exploits0References1
Rows per page
Query Builder