Lucene search
K

494 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-4721

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02047EPSS
Exploits1References14
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-2669

Malicious code in bioql PyPI...

5CVSS9.3AI score0.02372EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-1279

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.0255EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-5285

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01103EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-3410

Malicious code in bioql PyPI...

5CVSS9.3AI score0.01705EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2022-4795

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01356EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2012-6532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 1 ZendDom, 2 ZendFeed, 3 ZendSoap, and 4 ZendXmlRpc in Zend Framework 1.x before 1.11.13 and 1.12.x before 1.12.0 allow remote attackers to cause a denial of...

5CVSS8.1AI score0.01848EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2012-6531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 1 ZendDom, 2 ZendFeed, and 3 ZendSoap in Zend Framework 1.x before 1.11.13 and 1.12.x before 1.12.0 do not properly handle SimpleXMLElement classes, which allow...

9.1CVSS8.2AI score0.50248EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/09/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2012-3363

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZendXmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote attackers to rea...

9.1CVSS8.3AI score0.50248EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/09/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2011-3825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the...

5CVSS5.6AI score0.01264EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2014-8089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote...

9.8CVSS8.9AI score0.0255EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2016-6233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 order and 2 group methods in ZendDbSelect in the Zend Framework before 1.12.19 might allow remote attackers to conduct SQL injection attacks via vectors...

9.8CVSS8.4AI score0.02047EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2015-7695

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PDO adapters in Zend Framework before 1.12.16 do not filer null bytes in SQL statements, which allows remote attackers to execute arbitrary SQL commands via...

9.8CVSS8.9AI score0.02972EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2012-4451

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via...

6.1CVSS6.1AI score0.01367EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2012-5657

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 ZendFeedRss and 2 ZendFeedAtom classes in ZendFeed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitra...

5CVSS8.3AI score0.01705EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-4861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 order and 2 group methods in ZendDbSelect in the Zend Framework before 1.12.20 might allow remote attackers to conduct SQL injection attacks by leveraging...

9.8CVSS8.4AI score0.04124EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:19 p.m.10 views

CVE-2021-21426

Magento-lts is a long-term support alternative to Magento Community Edition CE. In magento-lts versions 19.4.12 and prior and 20.0.8 and prior, there is a vulnerability caused by the unsecured deserialization of an object. A patch in versions 19.4.13 and 20.0.9 was back ported from Zend Framework...

9.8CVSS6.4AI score0.75313EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:4 p.m.9 views

CVE-2020-29312

An issue found in Zend Framework v.3.1.3 and before allow a remote attacker to execute arbitrary code via the unserialize function. Note: This has been disputed by third parties as incomplete and incorrect. The framework does not have a version that surpasses 2.x.x and was deprecated in early 202...

9.8CVSS8AI score0.01256EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 12:13 p.m.9 views

CVE-2012-6531

1 ZendDom, 2 ZendFeed, and 3 ZendSoap in Zend Framework 1.x before 1.11.13 and 1.12.x before 1.12.0 do not properly handle SimpleXMLElement classes, which allow remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-RPC...

9.1CVSS7.2AI score0.50248EPSS
Exploits1References1
OSV
OSV
added 2024/06/07 10:27 p.m.20 views

GHSA-848F-MPH5-9PM9 Zendframework Potential Information Disclosure and Insufficient Entropy vulnerability

In Zend Framework, ZendCaptchaWord v1 and Zend\Captcha\Word v2 generate a "word" for a CAPTCHA challenge by selecting a sequence of random letters from a character set. Prior to this advisory, the selection was performed using PHP's internal arrayrand function. This function does not generate...

7.5CVSS6.6AI score
Exploits0References3
Rows per page
Query Builder