1697 matches found
CVE-2017-11365: Empty passwords validation issue
More info at https://symfony.com/cve-2017-11365...
CVE-2020-5220: Ability to define unintended serialisation groups via HTTP header which might lead to data exposure
Impact ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header. This might lead to data exposure by using an unintended serialisation group - for example it could make Shop API use a more permissive group from Admin API. Anyone exposing an API with ResourceBundle's...
mdanter/ecc affected by timing vulnerability in cryptographic side-channels
phpecc, as used in all versions of mdanter/ecc, as well as paragonie/ecc before 2.0.1, has a branch-based timing leak in Point addition. This Composer package is also known as phpecc/phpecc on GitHub, previously known as the Matyas Danter ECC library. Paragon Initiative Enterprises hard-forked...
CVE-2022-24711: Remote CLI Command Execution Vulnerability in CodeIgniter4
Impact: This vulnerability allows attackers to execute CLI routes via HTTP request. Patches: Upgrade to v4.1.9 or later. Workarounds: None. For more information: If you have any questions or comments about this advisory, open an issue in codeigniter4/CodeIgniter4 or email us at SECURITY.md...
URL Redirection to Untrusted Site ('Open Redirect')
Impact: Releases prior to 3.0.1 are vulnerable to an open redirect vulnerability that allows an attacker to construct a URL that redirects to an arbitrary external domain. Patches: 3.0.1 contains a fix for this vulnerability. The 1.x and 2.x releases are not maintained anymore. Referenc...
TYPO3-CORE-SA-2021-013: Cross-Site Scripting via Rich-Text Content
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-013...
TYPO3-CORE-SA-2020-005: Insecure Deserialization in Backend User Settings
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-005...
PRODSECBUG-2246: Stored cross-site scripting in the WYSIWYG editor
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...
SQL injection vulnerability in the file manager search filter
More info at https://contao.org/en/news/security-vulnerability-cve-2019-11512.html...
Information disclosure in the back end
More info at https://contao.org/en/security-advisories/information-disclosure-in-the-back-end.html...
PHAR deserialization allowing remote code execution
Description: snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_exists function. If an attacker can upload files of any type to the server, he can pass in the phar:// protocol to unserialize the uploaded file and...
TYPO3-CORE-SA-2022-009: Stored Cross-Site Scripting via FileDumpController
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-009...
Key/algorithm type confusion
In Firebase PHP-JWT before 6.0.0, an algorithm-confusion issue (e.g., RS256 / HS256) exists via the kid (Key ID) header when multiple types of keys are loaded in a key ring. This allows an attacker to forge tokens that validate under the incorrect key. NOTE: this provides a straightforward way t...
TYPO3-CORE-SA-2021-010: Cross-Site Scripting in Query Generator & Query View
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-010...
TYPO3-CORE-SA-2020-012: XML External Entity in Dashboard Widget
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-012...
TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-002...
CVE-2020-5274: Fix Exception message escaping rendered by ErrorHandler
More info at https://symfony.com/cve-2020-5274...
PRODSECBUG-2299: Stored cross-site scripting in the admin panel
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
Confirming an opt-in token does not invalidate previous opt-in tokens
More info at https://contao.org/en/news/security-vulnerability-cve-2019-10643.html...
XSS vulnerability with unsafe link protocols
An XSS vulnerability CVE-2018-20583 has been identified in the following versions of this library: 0.15.6 0.15.7 0.16.0 0.17.0 0.17.1 0.17.2 0.17.3 0.17.4 0.17.5 0.18.0 It allows unsafe URLs to be added to links. The issue has been fixed in version 0.18.1. All users should upgrade to version 0.18...
Cross-Site Scripting in CKEditor
More info at https://typo3.org/security/advisory/typo3-core-sa-2018-005...
XSS vulnerability in code example
SECURITY: Fix XSS vulnerability in one of the code examples, CVE-2017-11503. The code_generator.phps example did not filter user input prior to output. This file is distributed with a .phps extension, so it is not normally executable unless it is explicitly renamed, so it is safe by default. There...
RCE vulnerability in phpunit
More info at https://nvd.nist.gov/vuln/detail/CVE-2017-9841...
JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks
More info at https://www.yiiframework.com/news/86/yii-2-0-4-is-released/...
Highly critical - Remote Code Execution
More info at https://www.drupal.org/SA-CORE-2019-003...
Existing sessions are not correctly invalidated when a user changes their password
More info at https://contao.org/en/news/security-vulnerability-cve-2019-10641.html...
CVE-2019-10913: Reject invalid HTTP method overrides
More info at https://symfony.com/cve-2019-10913...
Deserialization of Untrusted Data in timber/timber
Summary: Timber is vulnerable to PHAR deserialization due to a lack of checking the input before passing it into the file_exists function. If an attacker can upload files of any type to the server, he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP...
CVE-2022-42949 - Subsite weakens file permissions
More info at https://www.silverstripe.org/download/security-releases/cve-2022-42949...
TYPO3-CORE-SA-2022-015: Arbitrary Code Execution via Form Framework
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-015...
TYPO3-CORE-SA-2022-006: Denial of Service in Page Error Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-006...
TYPO3-CORE-SA-2020-010: Cross-Site Scripting in Fluid view helpers
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-010...
PRODSECBUG-2369: Stored cross-site scripting in the admin panel
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...
PRODSECBUG-2301: Names of disabled products can be leaked due to inadequate validation checks
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33...
Fixed being bypassable of CVE-2019-6257 SSRF.
Changes from previous version. All previous changes are here. js:core Fixed 2863 cssAutoLoad Array option is not working js:core Fixed 2862 stop autoSync when browser tab turn to background cmd:search Fixed 2867 support incremental search other than filename VD:abstract Fixed 2873 correct MIME-Type...
HTTP Proxy header vulnerability
Bug Fixes: Removed support for using the HTTP_PROXY environment variable for non-CLI apps per CVE-2016-5385 (httpoxy). Graham Campbell 143 145 Convert BUGSNAG_NOTIFY_RELEASE_STAGES to a comma-delimited array Jason Graham Campbell 142 144...
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002
More info at https://www.drupal.org/sa-core-2020-002...
CVE-2024-51736: Command execution hijack on Windows with Process class
More info at https://symfony.com/cve-2024-51736...
ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent
Impact: In ReactPHP's HTTP server component versions below v1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like `__Host-` and `__Secure-` being confused with cookies that decode to such a prefix, thus leading to an attacker...
Server-Side Request Forgery (SSRF) and URL Redirection to Untrusted Site ('Open Redirect')
Impact: On releases prior to 3.0.3, an attacker could craft a special HTML page to trigger either an open redirect attack or a Server-Side Request Forgery attack depending on how AllTube is configured. The impact is mitigated by the fact the SSRF attack is only possible when the stream option is...
CVE-2022-38145 - Stored XSS in Compare Mode
More info at https://www.silverstripe.org/download/security-releases/cve-2022-38145...
TYPO3-CORE-SA-2021-012: Information Disclosure in User Authentication
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-012...
PRODSECBUG-2462: Remote code execution via file upload in admin import feature
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2275: Unsafe functionality is exposed via email templates manipulation
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
SQL injection vulnerability in the back end search filter
More info at https://contao.org/en/news/contao-448.html...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
I'm afraid this change is wrong. file_exists is not the only...