33 matches found
Exploit for CVE-2026-46275
CVE-2026-46725 — TYPO3 ceselector Extension RCE PHP Objec...
Deserialization of Untrusted Data
Overview symfony/monolog-bridge is a Provides integration for Monolog with various Symfony components Affected versions of this package are vulnerable to Deserialization of Untrusted Data via deserialization of network input in Symfony\Bridge\Monolog\Command\ServerLogCommand. An attacker can...
CVE-2026-33942
Saloon is a PHP library that gives users tools to build API integrations and SDKs. Versions prior to 4.0.0 used PHP's unserialize in AccessTokenAuthenticator::unserialize to restore OAuth token state from cache or storage, with allowedclasses = true. An attacker who can control the serialized...
Symfony-RCE
Symfony-RCE Exploit for the Symfony fragment Remote Code E...
EUVD-2025-25694
Malicious code in bioql PyPI...
Denial Of Service (DoS)
vrana/adminer is vulnerable to Denial of Service. The vulnerability is due to improper handling of crafted serialized payloads in Monolog logging, which allows an attacker to trigger excessive memory consumption via malicious serialized objects, leading to PHP Object Injection and server-level Do...
CVE-2025-43960
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
SUSE CVE-2025-43960
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
Adminer PHP Object Injection issue leads to Denial of Service
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
GHSA-MQH4-2MM8-G7W9 Adminer PHP Object Injection issue leads to Denial of Service
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
DEBIAN-CVE-2025-43960
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
CVE-2025-43960
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
CVE-2025-43960
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
PT-2025-34607 · Adminer · Adminer
Name of the Vulnerable Software and Affected Versions: Adminer version 4.8.1 Description: Adminer 4.8.1, when using Monolog for logging, is susceptible to a Denial of Service memory consumption through a crafted serialized payload, resulting in a PHP Object Injection issue. Remote, unauthenticate...
CVE-2025-43960
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
CVE-2025-43960
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
CVE-2025-43960
Adminer 4.8.1, when using Monolog for logging, allows a Denial of Service memory consumption via a crafted serialized payload e.g., using s:1000000000, leading to a PHP Object Injection issue. Remote, unauthenticated attackers can trigger this by sending a malicious serialized object, which force...
Adminer 安全漏洞
Adminer is an open source WordPress plugin for Adminer. It allows WordPress administrators to quickly perform database management. A security vulnerability exists in Adminer version 4.8.1, which stems from improper handling of specially serialized payloads when logging with Monolog, and could lea...
CVE-2025-43960
CVE-2025-43960 — Adminer 4.8.1 DoS via PHP Object Injection . The vulnerability occurs when Adminer uses Monolog for logging and processes a crafted serialized payload (for example, s:1000000000), enabling a remote, unauthenticated attacker to trigger a Denial of Service through memory exhaustion...
CVE-2021-24307
The All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings before 4.1.0.2 enables authenticated users with "aioseotoolssettings" privilege most of the time admin to execute arbitrary code on the underlying host. Users can restore plugin's configuration by uploading a backup...