Lucene search
K

82 matches found

Mageia
Mageia
added 2022/06/13 8:44 p.m.50 views

Updated php-smarty packages fix security vulnerability

Template authors could inject php code by choosing a malicious block name or include file name. CVE-2022-29221...

8.8CVSS2.7AI score0.0454EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/04/04 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2022-0127)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.82316EPSS
Exploits4References5
OSV
OSV
added 2022/04/02 10:22 p.m.9 views

MGASA-2022-0127 Updated php-smarty packages fix security vulnerability

Updated php-smarty packages to version 4 for php 8 compatibility and to fix security vulnerabilities...

9.8CVSS7.1AI score0.82316EPSS
Exploits4References4
Mageia
Mageia
added 2022/04/02 10:22 p.m.131 views

Updated php-smarty packages fix security vulnerability

Updated php-smarty packages to version 4 for php 8 compatibility and to fix security vulnerabilities...

9.8CVSS3.8AI score0.82316EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.14 views

Mageia: Security Advisory (MGASA-2014-0469)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.03127EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2018-0118)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.03124EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2018-0403)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.7AI score0.03463EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2021-0335)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.82316EPSS
Exploits2References5
Mageia
Mageia
added 2021/07/10 8:0 p.m.67 views

Updated php-smarty package fixes security vulnerabilities

Smarty before 3.1.39 allows a Sandbox Escape because $smarty.templateobject can be accessed in sandbox mode CVE-2021-26119. Smarty before 3.1.39 allows code injection via an unexpected function name after a function name= substring CVE-2021-26120...

9.8CVSS3.4AI score0.82316EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2019/05/07 12:0 a.m.77 views

Fedora Update for php-Smarty FEDORA-2019-e595e8a7d7

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/08 12:0 a.m.37 views

Fedora 29 : php-Smarty (2019-e595e8a7d7)

===== 3.1.33 release ===== 12.09.2018 ===== 3.1.33-dev-12 ===== 03.09.2018 - bugfix foreach using new style property access like $item@property on Smarty 2 style named foreach loop could produce errors https://github.com/smarty-php/smarty/issues/484 Note that Tenable Network Security has extracte...

9.8CVSS6.8AI score0.03463EPSS
Exploits2References16
Tenable Nessus
Tenable Nessus
added 2019/03/08 12:0 a.m.29 views

Fedora 28 : php-Smarty (2019-d248c5aa39)

===== 3.1.33 release ===== 12.09.2018 ===== 3.1.33-dev-12 ===== 03.09.2018 - bugfix foreach using new style property access like $item@property on Smarty 2 style named foreach loop could produce errors https://github.com/smarty-php/smarty/issues/484 Note that Tenable Network Security has extracte...

9.8CVSS6.8AI score0.03463EPSS
Exploits2References16
OpenVAS
OpenVAS
added 2019/03/07 12:0 a.m.30 views

Fedora Update for php-Smarty FEDORA-2019-d248c5aa39

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8AI score
Exploits0References2
Fedora
Fedora
added 2019/03/06 6:58 a.m.30 views

[SECURITY] Fedora 29 Update: php-Smarty-3.1.33-1.fc29

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. This implies that PHP code is application logic, and is separated from the presentation. Autoloader: /usr/share/php/Smarty/autoload.php...

9.8CVSS1.8AI score0.03463EPSS
Exploits2
OSV
OSV
added 2018/10/19 6:0 p.m.8 views

MGASA-2018-0403 Updated php-smarty packages fix security vulnerability

Smarty 3.1.32 or below is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files CVE-2018-13982...

7.5CVSS8AI score0.03463EPSS
Exploits1References3
OSV
OSV
added 2018/02/06 3:35 p.m.9 views

MGASA-2018-0118 Updated php-smarty packages fix security vulnerability

Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template nameCVE-2017-1000480...

9.8CVSS9.7AI score0.03124EPSS
Exploits0References2
securityvulns
securityvulns
added 2014/12/01 12:0 a.m.95 views

[ MDVSA-2014:221 ] php-smarty

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:221 http://www.mandriva.com/en/support/security/ Package : php-smarty Date : November 21, 2014 Affected: Business Server 1.0 Problem Description: References: https://vulners.com/cve/CVE-2012-4437...

7.5CVSS6AI score0.03127EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/11/24 12:0 a.m.38 views

Mandriva Linux Security Advisory : php-smarty (MDVSA-2014:221)

An XSS vulnerability in the SmartyException class in Smarty aka smarty-php before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception CVE-2012-4437. Smarty before 3.1.21 allows remote attackers to bypass the secure mode...

7.5CVSS6AI score0.03127EPSS
Exploits1References3
OSV
OSV
added 2014/11/21 12:44 p.m.6 views

MGASA-2014-0469 Updated php-smarty packages fix security vulnerability

Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "literal" in a template CVE-2014-8350...

7.5CVSS7.2AI score0.03127EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/11/10 12:0 a.m.22 views

Fedora 21 : php-Smarty-3.1.21-1.fc21 (2014-13618)

New upstream release, fix CVE-2014-8350 New upstream release New upstream release New upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

7.5CVSS5.3AI score0.03127EPSS
Exploits1References3
Rows per page
Query Builder