Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.4 views

SUSE CVE-2020-28948

ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked...

7.8CVSS7AI score0.47493EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2022/11/02 4:38 p.m.6 views

Archive_Tar: allows an unserialization attack because phar: is blocked but PHAR: is not blocked

ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked...

7.8CVSS5.8AI score0.47493EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2022/09/26 4:34 p.m.4 views

Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the internal HTML document, remote objects specified in the nested document for example, images or...

6.5CVSS6.9AI score0.00663EPSS
Exploits0References6
VulnCheck KEV
VulnCheck KEV
added 2022/08/25 12:0 a.m.2 views

VulnCheck KEV: CVE-2020-28949

PEAR ArchiveTar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as...

7.8CVSS7.2AI score0.84554EPSS
Exploits4References1
OSV
OSV
added 2021/11/10 11:15 p.m.5 views

UBUNTU-CVE-2021-33816

The website builder module in Dolibarr 13.0.2 allows remote PHP code execution because of an incomplete protection mechanism in which system, exec, and shellexec are blocked but backticks are not blocked...

9.8CVSS6.2AI score0.03815EPSS
Exploits3References4
Rows per page
Query Builder