CLSA-2026-1777307149 libarchive: Fix of CVE-2021-31566

CVE-2021-31566: extend backport with upstream 8a1bd5c and ede459d2 to close the trailing-slash variant of the fixup-list symlink-follow attack...

EUVD-2004-0577

Malware in sbrugna...

SUSE CVE-2015-2060

cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...

Symfony Directory Traversal

An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read methods of these classes use a path and a locale to determine the...

Phpfusion 跨站脚本漏洞

PHPFusion is a lightweight open source content management system. A cross-site scripting vulnerability exists in the descript function in PHPFusion version 9.03.110. An attacker could exploit this vulnerability by appending "//" to the end of the text to conduct a cross-site scripting attack...

DEBIAN-CVE-2017-16654

An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read methods of these classes use a path and a locale to determine the...

CVE-2017-16654

An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read methods of these classes use a path and a locale to determine the...