Lucene search
K

111 matches found

Debian CVE
Debian CVE
added 2018/09/14 8:0 p.m.56 views

CVE-2018-17057

An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper...

9.8CVSS9.6AI score0.26172EPSS
Exploits7
Friends Of PHP
Friends Of PHP
added 2018/09/14 3:26 p.m.19 views

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...

9.8CVSS9.3AI score0.26172EPSS
Exploits7Affected Software1
Positive Technologies
Positive Technologies
added 2018/09/14 12:0 a.m.2 views

PT-2018-13869 · Tcpdf · Tcpdf

Name of the Vulnerable Software and Affected Versions: TCPDF versions prior to 6.2.22 Description: An issue allows attackers to trigger deserialization of arbitrary data via the phar:// wrapper. Recommendations: For versions prior to 6.2.22, update to version 6.2.22 or later to resolve the issue...

9.8CVSS9.4AI score0.26172EPSS
Exploits7References21
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.19 views

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...

7.5CVSS2.9AI score0.26172EPSS
Exploits7Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.37 views

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...

7.5CVSS2.9AI score0.26172EPSS
Exploits7Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.31 views

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...

7.5CVSS2.9AI score0.26172EPSS
Exploits7Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.34 views

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...

7.5CVSS2.9AI score0.26172EPSS
Exploits7Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.22 views

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...

9.8CVSS9.3AI score0.26172EPSS
Exploits7Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.29 views

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...

9.8CVSS9.3AI score0.26172EPSS
Exploits7Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.24 views

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...

9.8CVSS9.3AI score0.26172EPSS
Exploits7Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.57 views

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...

9.8CVSS9.3AI score0.26172EPSS
Exploits7Affected Software1
Rows per page
Query Builder