Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.8 views

Symfony Process Component < 5.4.51 / 6.4.x < 6.4.33 / 7.3.x < 7.3.11 / 7.4.x < 7.4.5 / 8.0.x < 8.0.5 Argument Injection (GHSA-r39x-jcww-82v6)

The version of Symfony Process Component installed on the remote host is prior to 5.4.51, or 6.4.x prior to 6.4.33, or 7.3.x prior to 7.3.11, or 7.4.x prior to 7.4.5, or 8.0.x prior to 8.0.5. It is, therefore, affected by an argument injection vulnerability. The Symfony Process component did not...

6.3CVSS5.9AI score0.00201EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/28 8:25 p.m.3 views

CVE-2026-24739 Symfony has incorrect argument escaping under MSYS2/Git Bash on Windows that can lead to destructive file operations

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP i...

6.3CVSS5.8AI score0.00201EPSS
Exploits1References5
OSV
OSV
added 2025/12/11 6:34 a.m.7 views

CVE-2025-67738

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS6.8AI score0.00311EPSS
Exploits0References5
CVE
CVE
added 2025/12/11 6:34 a.m.34 views

CVE-2025-67738

CVE-2025-67738 affects Webmin prior to 2.600. The issue resides in squid/cachemgr.cgi where arguments are not properly quoted, applicable when Webmin’s Squid module and its Cache Manager feature are enabled and an untrusted, authenticated user holds certain Cache Manager permissions (the cms opti...

8.5CVSS6.5AI score0.00311EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 7:20 p.m.7 views

CVE-2021-24030

The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects versions prior to v1.26.0...

9.8CVSS7.3AI score0.01693EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/10 3:50 p.m.25 views

CVE-2021-24030

The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects versions prior to v1.26.0...

9.7AI score0.01693EPSS
Exploits0References1
Rows per page
Query Builder