EUVD-2018-9376

Malware in sbrugna...

CVE-2021-26119

Smarty before 3.1.39 allows a Sandbox Escape because $smarty.templateobject can be accessed in sandbox mode...

BIT-ROUNDCUBE-2020-13964

An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmailoutputhtml.php allows XSS via the username template object...

The vulnerability of implementing a isolated programming environment for PHP Smarty’s template processors allows attackers to circumvent the restrictions of an isolated programming environment.

The vulnerability of implementing a isolated programming environment for PHP Smarty’s template handlers is related to deficiencies in access control during the processing of the $smarty.templateobject object. Exploiting this vulnerability allows an attacker to circumvent the restrictions of an...

GHSA-W5HR-JM4J-9JVQ Sandbox escape through template_object in smarty

Sandbox protection could be bypassed through access to an internal Smarty object that should have been blocked. Sites that rely on Smarty Security features should upgrade as soon as possible. Please upgrade to 3.1.39 or higher...

DEBIAN-CVE-2021-26119

Smarty before 3.1.39 allows a Sandbox Escape because $smarty.templateobject can be accessed in sandbox mode...

UBUNTU-CVE-2021-26119

Smarty before 3.1.39 allows a Sandbox Escape because $smarty.templateobject can be accessed in sandbox mode...

CVE-2021-26119

Smarty before 3.1.39 allows a Sandbox Escape because $smarty.templateobject can be accessed in sandbox mode...

openSUSE Security Update : roundcubemail (openSUSE-2020-1516)

This update for roundcubemail fixes the following issues : roundcubemail was upgraded to 1.3.15 This is a security update to the LTS version 1.3. boo1175135 - Security: Fix cross-site scripting XSS via HTML messages with malicious svg content CVE-2020-16145 - Security: Fix cross-site scripting XS...

OPENSUSE-SU-2020:1516-1 Security update for roundcubemail

This update for roundcubemail fixes the following issues: roundcubemail was upgraded to 1.3.15 This is a security update to the LTS version 1.3. boo1175135 Security: Fix cross-site scripting XSS via HTML messages with malicious svg content CVE-2020-16145 Security: Fix cross-site scripting XSS via...

DEBIAN-CVE-2020-13964

An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmailoutputhtml.php allows XSS via the username template object...

UBUNTU-CVE-2020-13964

An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmailoutputhtml.php allows XSS via the username template object...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-17629

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...