Lucene search
K

7 matches found

EUVD
EUVD
added 2026/06/26 2:52 p.m.7 views

EUVD-2026-39710

Subscriber PHP Object Injection in RealHomes = 4.5.3 versions...

8.8CVSS5.8AI score0.00391EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.5 views

EUVD-2026-39695

Subscriber PHP Object Injection in Buddyboss Platform = 3.0.4 versions...

9.8CVSS5.8AI score0.00525EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:12 p.m.4 views

CVE-2026-56053

Subscriber PHP Object Injection in EventPrime = 4.3.4.1 versions...

8.8CVSS5.8AI score0.00391EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52434

Name of the Vulnerable Software and Affected Versions EventPrime versions prior to 4.3.4.2 Description PHP Object Injection occurs when an application deserializes untrusted data, allowing an attacker to manipulate the object structure and potentially execute arbitrary code or perform unauthorize...

8.8CVSS6.1AI score0.00391EPSS
Exploits0References3
NVD
NVD
added 2026/05/08 11:16 p.m.21 views

CVE-2026-42352

pygeoapi is a Python server implementation of the OGC API suite of standards. From version 0.23.0 to before version 0.23.3, OGC API process execution requests can use the subscriber object to requests to internal HTTP services. This issue has been patched in version 0.23.3...

8.6CVSS0.00454EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/08 10:31 p.m.8 views

CVE-2026-42352

pygeoapi is a Python server implementation of the OGC API suite of standards. From version 0.23.0 to before version 0.23.3, OGC API process execution requests can use the subscriber object to requests to internal HTTP services. This issue has been patched in version 0.23.3...

8.6CVSS5.9AI score0.00454EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/08 10:31 p.m.14 views

CVE-2026-42352

pygeoapi is vulnerable to SSRF via the OGC API - Process execution path in versions 0.23.0 up to 0.23.3. The issue arises from the subscriber object enabling requests to internal HTTP services. It has been patched in version 0.23.3. Affected releases include 0.23.0–0.23.2, with fixes in 0.23.3. M...

8.6CVSS5.9AI score0.00454EPSS
Exploits0References3
Rows per page
Query Builder