
20 matches found

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2007-1454

Malware in sbrugna...

CVSS 5 · AI score 6.1 · EPSS 0.01192
Exploits 1 · References 13

Huntr
added 2023/02/02 3:11 a.m. · 22 views

Restrictive composer.json makes Dompdf vulnerable to URI validation failure on SVG parsing

Description: The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This might lead to arbitrary object unserialize on PHP tags, in src/Image/Cache.php: if ($type === "svg") { $parser = xml_parser_create("utf-8"); xml_parser_set_option($parser,...

AI score 6.4
Exploits 0 · References 2

Github Security Blog
added 2023/02/01 1:37 a.m. · 35 views

Dompdf vulnerable to URI validation failure on SVG parsing

Summary: The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This might lead to arbitrary object unserialize on PHP tags, in src/Image/Cache.php: if ($type === "svg") { $parser = xml_parser_create("utf-8"); xml_parser_set_option($parser,...

CVSS 10 · AI score 9.2 · EPSS 0.51462
Exploits 2 · References 6 · Affected Software 1

Prion
added 2023/02/01 12:15 a.m. · 16 views

Remote code execution

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

CVSS 7.5 · AI score 9.5 · EPSS 0.51462
Exploits 2 · References 3 · Affected Software 1

Debian CVE
added 2023/01/31 11:54 p.m. · 14 views

CVE-2023-23924

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

CVSS 10 · AI score 9.6 · EPSS 0.51462
Exploits 2

Cvelist
added 2023/01/31 11:54 p.m. · 15 views

CVE-2023-23924 URI validation failure on SVG parsing in Dompdf

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

CVSS 10 · AI score 9.7 · EPSS 0.51462
Exploits 2 · References 3

OSV
added 2023/01/31 11:54 p.m. · 20 views

CVE-2023-23924 URI validation failure on SVG parsing in Dompdf

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

CVSS 10 · AI score 9 · EPSS 0.51462
Exploits 2 · References 5

Positive Technologies
added 2023/01/31 12:0 a.m. · 3 views

PT-2023-1267 · Dompdf +1

Name of the Vulnerable Software and Affected Versions: Dompdf version 2.0.1; Dompdf versions prior to 8.0.0. Description: The issue is related to the incorrect order of authorization checks before syntax analysis and canonization when processing tags with uppercase letters in SVG parsing. This can...

CVSS 10 · AI score 9.7 · EPSS 0.51462
Exploits 2 · References 17

RedhatCVE
added 2015/10/30 9:25 a.m. · 21 views

CVE-2007-1399

Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or...

CVSS 10 · AI score 8.9 · EPSS 0.3902
Exploits 1 · References 2

Packet Storm
added 2007/03/20 12:0 a.m. · 18 views

MOPB-pecl.txt

<?php // Proof of concept code from the Hardened-PHP Project // (C) Copyright 2007 Stefan...

AI score 7.4
Exploits 0

securityvulns
added 2007/03/17 12:0 a.m. · 33 views

MOPB-21-2007:PHP compress.bzip2:// URL Wrapper safemode and open_basedir Bypass Vulnerability

Summary: The compress.bzip2:// URL Wrapper defined by the bz2 extension does not perform any safemode or open_basedir checks and therefore allows access to archives outside the basedir or safemode restrictions. Affected versions: Affected is PHP <= 5.2.1. Detailed information: No details needed. Proof o...

AI score 1.3
Exploits 0

UbuntuCve
added 2007/03/14 6:19 p.m. · 20 views

CVE-2007-1460

The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories...

CVSS 5 · AI score 6 · EPSS 0.01192
Exploits 1 · References 1

Prion
added 2007/03/14 6:19 p.m. · 12 views

Code injection

The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories...

CVSS 7.8 · AI score 6.7 · EPSS 0.0119
Exploits 1 · References 11 · Affected Software 1

UbuntuCve
added 2007/03/14 6:19 p.m. · 29 views

CVE-2007-1461

The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories...

CVSS 7.8 · AI score 6 · EPSS 0.0119
Exploits 1 · References 1

NVD
added 2007/03/10 10:19 p.m. · 14 views

CVE-2007-1399

Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or...

CVSS 10 · AI score 8 · EPSS 0.3902
Exploits 1 · References 10

UbuntuCve
added 2007/03/10 10:19 p.m. · 30 views

CVE-2007-1399

Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or...

CVSS 10 · AI score 6.5 · EPSS 0.3902
Exploits 1 · References 1

Prion
added 2007/03/10 10:19 p.m. · 33 views

Stack overflow

Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or...

CVSS 10 · AI score 8.3 · EPSS 0.3902
Exploits 1 · References 10 · Affected Software 1

Positive Technologies
added 2007/03/10 12:0 a.m. · 2 views

PT-2007-2793

Name of the Vulnerable Software and Affected Versions: PECL ZIP versions 1.8.3 and earlier; PHP versions 5.2.0 and 5.2.1. Description: The issue is a stack-based buffer overflow in the zip:// URL wrapper. This allows remote attackers to execute arbitrary code via a long zip:// URL. Attackers can...

CVSS 10 · AI score 8.2 · EPSS 0.3902
Exploits 1 · References 17

securityvulns
added 2007/03/10 12:0 a.m. · 42 views

MOPB-16-2007:PHP zip:// URL Wrapper Buffer Overflow Vulnerability

Summary: Since PHP 5.2.0 the PECL zip extension is bundled and for example activated by default in the popular dotdeb PHP distribution. This extension provides access to zip files and also introduces the zip:// URL wrapper. A stack based buffer overflow in the URL parsing of the zip:// wrapper can ...

AI score 0.6
Exploits 0

Exploit DB
added 2007/03/09 12:0 a.m. · 34 views

PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - 'zip://' URL Wrapper Buffer Overflow

<?php // Proof of concept code from the Hardened-PHP Project // (C) Copyright 2007 Stefan...

AI score 7.4
Exploits 0