6 matches found
Laravel Livewire v3 - Remote Command Execution
Livewire v3 Laravel contains a vulnerability in its component hydration/update mechanism that can be exploited to reach remote command execution RCE without authentication under certain conditions. id: CVE-2025-54068 info: name: Laravel Livewire v3 - Remote Command Execution author: flame-11...
CVE-2026-46745
Apache Airflow FAB Auth Manager contains an LDAP filter injection vulnerability CWE-90 that allows unauthenticated attackers to exfiltrate directory data or bypass authentication. Upgrade to apache-airflow-providers-fab 3.6.4 or later. If immediate upgrade is not possible, disable LDAP...
CVE-2026-46745 Apache Airflow FAB provider: LDAP Filter Injection in FAB Auth Manager _search_ldap reachable via /auth/token
Apache Airflow FAB Auth Manager contains an LDAP filter injection vulnerability CWE-90 that allows unauthenticated attackers to exfiltrate directory data or bypass authentication. Upgrade to apache-airflow-providers-fab 3.6.4 or later. If immediate upgrade is not possible, disable LDAP...
Arbitrary Code Injection
Overview livewire/livewire is an A front-end framework for Laravel. Affected versions of this package are vulnerable to Arbitrary Code Injection via the hydration process of component property updates. An attacker can execute arbitrary commands on the server by sending specially crafted requests ...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the mbedtlslmsimportpublickey function. An attacker can cause a crash or disclose limited adjacent memory by providing a truncated LMS public-key buffer that is less than four bytes in length. Workaround For the...
PT-2023-10826 · Sea75300 · Fanpress Cm
Name of the Vulnerable Software and Affected Versions: sea75300 FanPress CM versions up to 3.6.3 Description: A vulnerability was found in the Template Preview component, specifically affecting the getArticlesPreview function of the file inc/controller/action/system/templatepreview.php. This issu...