1702 matches found
CVE-2018-11407: Unauthorized access on a misconfigured LDAP server when using an empty password
More info at https://symfony.com/cve-2018-11407...
Access bypass
More info at https://www.drupal.org/SA-2017-002...
Editor module incorrectly checks access to inline private files
More info at https://www.drupal.org/SA-2017-001...
An error during signature verification can be treated as a successful verification.
…nse. In order to verify Signatures on Logoutrequests and LogoutResponses we use the verifySignature of the class XMLSecurityKey from the xmlseclibs library. That method end up calling opensslverify depending on the signature algorithm used. The opensslverify function returns 1 when the signature...
Incorrect cache context on password reset page
More info at https://www.drupal.org/SA-CORE-2016-005...
Denial of service via transliterate mechanism
More info at https://www.drupal.org/SA-CORE-2016-005...
Potential Information Disclosure and Insufficient Entropy vulnerability in Zend\Captcha\Word
More info at https://framework.zend.com/security/advisory/ZF2015-09...
CVE-2015-8125: Potential Remote Timing Attack Vulnerability in Security Remember-Me Service
More info at https://symfony.com/cve-2015-8125...
Security Misconfiguration Vulnerability in various Doctrine projects
More info at https://www.doctrine-project.org/2015/08/31/securitymisconfigurationvulnerabilityinvariousdoctrineprojects.html...
JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks
More info at https://www.yiiframework.com/news/86/yii-2-0-4-is-released/...
Esi Code Injection
More info at https://symfony.com/cve-2015-2308...
Invalid CSRF validation of null or incorrectly formatted token identifiers
More info at https://framework.zend.com/security/advisory/ZF2015-03...
Direct access of ESI URLs behind a trusted proxy
More info at https://symfony.com/cve-2014-5245...
Cross-Site Scripting
I've picked up on the work started over at 276 and rebased on erusev/master. Since this is rebased on master, I can't point at PR at naNuke/master without running into the merge conflicts that I've already resolved manually. I've implemented what I suggested earlier so that all attributes are...
PHP Code Injection
phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...
Padding Oracle Vulnerability in RSA Encryption
See https://framework.zend.com/security/advisory/ZF2015-10 it's essentially the same vulnerability The text was updated successfully, but these errors were encountered: All reactions...
Prevent installation typosquatting malware
More info at https://www.kernelmode.blog/typosquatting-malware-found-in-composer-repository/...
CVE-2024-50341: Security::login does not take into account custom user_checker
More info at https://symfony.com/cve-2024-50341...
CVE-2024-51736: Command execution hijack on Windows with Process class
More info at https://symfony.com/cve-2024-51736...
CVE-2019-12205: Clipboard Reflected XSS
More info at https://www.silverstripe.org/download/security-releases/cve-2019-12205/...
Padding Oracle Vulnerability in RSA Encryption
Hi, https://github.com/pagarme/pagarme-php/blob/master/lib/Pagarme/CardHashCommon.php This class has a confusing name. CardHash implies a cryptographic hash e.g. SHA256 is being used, but you're encrypting with RSA. Interestingly, you're not specifying the padding client-side, so you're encryptin...
XSS vulnerability on contacts view
Impact Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. Contact first and last name can be populat...
Use token when logging out
More info at https://phabricator.wikimedia.org/T25227...
Denial of Service via "MadeYouReset" vulnerability
Versions of amphp/http-server prior to 3.4.4 for the 3.x release branch and prior to 2.1.10 for the 2.x release branch are vulnerable to the HTTP/2 "MadeYouReset" DoS attack described by CVE-2025-8671 and https://kb.cert.org/vuls/id/767506. In versions 3.4.4 and 2.1.10, stream reset protection ha...
Possible sandbox bypass
More info at https://symfony.com/blog/twig-security-release-possible-sandbox-bypass...
TYPO3-EXT-SA-2023-010: Broken Access Control in extension "femanager" (femanager)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-010...
TYPO3-EXT-SA-2022-016: Insufficient Session Expiration after Password Change in extension "Change password for frontend users" (fe_change_pwd)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2022-016...
CVE-2022-29254 - Failed payment recorded has completed
More info at https://www.silverstripe.org/download/security-releases/cve-2022-29254...
Possible SQL injection in widget field value
Description Impact The currently selected widget values were not correctly sanitized before passing it to the database, leading to an SQL injection possibility. Patches The issue has been patched in tablelookupwizard version 3.3.5 and version 4.0.0. For more information If you have any questions ...
CVE-2021-41106: File reference keys leads to incorrect hashes on HMAC algorithms
Description Impact Users of HMAC-based algorithms HS256, HS384, and HS512 combined with Lcobucci\JWT\Signer\Key\LocalFileReference as key are having their tokens issued/validated using the file path as hashing key - instead of the contents. The HMAC hashing functions take any string as input and,...
CVE-2021-21424: Prevent user enumeration via response content in authentication mechanisms
More info at https://symfony.com/cve-2021-21424...
PRODSECBUG-2412: Cross-Site Scripting via Location Name
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
Circumvents open_basedir INI directive
ADVISORY: This release circumvents openbasedir in the requestinithook. If you rely on the openbasedir INI directive, we highly recommended you upgrade to 0.30.2. Fixed - Shutdown span flushing blocking the process when forked 493 - Memory access errors in cases when PHP code was run after extensi...
CVE-2019-12149: Potential SQL injection in restfulserver and registry modules
More info at https://www.silverstripe.org/download/security-releases/cve-2019-12149...
CVE-2018-19790: Open Redirect Vulnerability on login
More info at https://symfony.com/cve-2018-19790...
$wgRateLimits (rate limit / ping limiter) entry for 'user' overrides that for 'newbie'
More info at https://phabricator.wikimedia.org/T169545...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...
When a log event is (partially) hidden Special:Redirect/logid can link to the incorrect log and reveal hidden information
More info at https://phabricator.wikimedia.org/T187638...
PHP Code Injection
phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...
CVE-2018-11407: Unauthorized access on a misconfigured LDAP server when using an empty password
More info at https://symfony.com/cve-2018-11407...
CVE-2018-11408: Open redirect vulnerability on security handlers
More info at https://symfony.com/cve-2018-11408...
Use of insecure connection charset (sqlauth module)
More info at https://simplesamlphp.org/security/201801-03...
The switchIdentity() function in yii\web\User did not regenerate the CSRF token upon a change of identity
More info at https://www.yiiframework.com/news/165/yii-2-0-14-is-released/...
XSS in the url field on the password workspace grid and sidebar
More info at https://www.passbolt.com/incidents/20170914xssonresourceurls...
Arbitrary shell execution
Security Advisory - This release contains a fix for a security advisory related to the improper handling of shell commands - Uses of shellexec and exec were not escaping filenames and configuration settings in most cases - A properly crafted filename or configuration option would allow for...
Inconsistent name for term access query
More info at https://www.drupal.org/SA-CORE-2016-005...
Inconsistent name for term access query
More info at https://www.drupal.org/SA-CORE-2016-005...
Denial of service via transliterate mechanism
More info at https://www.drupal.org/SA-CORE-2016-005...
Filesystem Permissions Issues in Multiple Components
More info at https://framework.zend.com/security/advisory/ZF2015-07...
Security Misconfiguration Vulnerability in various Doctrine projects
More info at https://www.doctrine-project.org/2015/08/31/securitymisconfigurationvulnerabilityinvariousdoctrineprojects.html...