CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/02/03 6:29 p.m.•3 views

EUVD-2026-5198

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of pregreplace with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the evaluated replacement. This issue has been patched in...

9.2CVSS6AI score0.00122EPSS

EUVD•added 2026/02/03 6:29 p.m.•1 views

EUVD-2026-5202

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, logic bug in the roadmap role check allows non-lead maintainers to create, update, or delete roadmaps. This issue has been patched in version 1.33.0...

7.1CVSS5.3AI score0.00062EPSS

Positive Technologies•added 2026/01/28 12:0 a.m.•2 views

PT-2026-5242

Name of the Vulnerable Software and Affected Versions Drupal Canvas versions prior to 1.0.4 Description The Drupal Canvas module has an authorization issue that allows forceful browsing of Canvas Pages when they are unpublished. The module does not adequately validate access to Canvas Pages,...

4.8CVSS5.4AI score0.00042EPSS

Exploits0References6

Fedora•added 2024/03/07 10:33 p.m.•19 views

[SECURITY] Fedora 40 Update: xmlgraphics-commons-2.9-3.fc40

Apache XML Graphics Commons is a library that consists of several reusable components used by Apache Batik and Apache FOP. Many of these components can easily be used separately outside the domains of SVG and XSL-FO. You will find components such as a PDF library, an RTF library, Graphics2D...

8.8CVSS6.9AI score0.46427EPSS

Fedora•added 2024/03/07 10:33 p.m.•18 views

[SECURITY] Fedora 40 Update: plexus-resources-1.3.0-4.fc40

The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...

Fedora•added 2024/03/07 10:33 p.m.•18 views

[SECURITY] Fedora 40 Update: plexus-utils-3.5.1-8.fc40

Fedora•added 2024/03/07 10:33 p.m.•21 views

[SECURITY] Fedora 40 Update: plexus-i18n-1.0-0.31.b10.4.fc40

Fedora•added 2024/03/07 10:33 p.m.•23 views

[SECURITY] Fedora 40 Update: plexus-containers-2.2.0-3.fc40

OSV•added 2024/03/06 11:8 a.m.•19 views

BIT-SYMFONY-2021-32693

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the...

8.8CVSS8.6AI score0.00217EPSS

Exploits0References4

OSV•added 2024/03/06 11:7 a.m.•25 views

BIT-SYMFONY-2022-24894

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses including headers and returns them to the clients. In a recent change in the AbstractSessionListener, the response...

8.8CVSS6.8AI score0.00182EPSS

Exploits1References3

CNVD•added 2022/03/04 12:0 a.m.•21 views

VIewComponent Cross-Site Scripting Vulnerability

VIewComponent is a framework for building reusable, testable and encapsulated view components in Ruby on Rails. VIewComponent suffers from a cross-site scripting vulnerability that stems from data received via user input and passed as interpolated parameters to the translat method not being clean...

8.1CVSS2.2AI score0.00735EPSS