1702 matches found
CVE-2026-45065: UrlGenerator Route-Requirement Bypass via Unanchored Regex Alternation → Off-Site //host URL Injection
More info at https://symfony.com/cve-2026-45065...
CVE-2026-45070: Email Header Injection via Non-Token Characters in Mime Parameter Names
More info at https://symfony.com/cve-2026-45070...
Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php`
More info at https://symfony.com/blog/cve-2026-48805-sandbox-state-regression-in-deprecated-internal-wrappers-in-src-resources-core-php...
Sandbox `__toString()` policy bypass via `Traversable` in `join`/`replace` and `in`/`not in` operators
More info at https://symfony.com/blog/cve-2026-48807-sandbox-tostring-policy-bypass-via-traversable-in-join-replace-and-in-not-in-operators...
Authentication bypass via attacker provided openid server
Impact The outdated version 1 of the Steam Socialite Provider doesn't check properly if the login comes from steamcommunity.com, allowing a malicious actor to substitute their own openID server. Patches This vulnerability only affects the outdated v1.x versions of the package. These are no longer...
CVE-2026-45305: YAML Parser ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex
More info at https://symfony.com/cve-2026-45305...
Contextual Links validation - Critical - Remote Code Execution
More info at https://www.drupal.org/sa-core-2018-006...
Drupal core - Moderately critical - Third-party library - SA-CORE-2020-001
More info at https://www.drupal.org/sa-core-2020-001...
Drupal core - Moderately critical - Third-party libraries - SA-CORE-2021-005
More info at https://www.drupal.org/sa-core-2021-005...
Drupal core - Moderately critical - Denial of Service - SA-CORE-2019-009
More info at https://www.drupal.org/sa-core-2019-009...
Laravel CRLF injection in default email rule
Summary A CRLF injection vulnerability in Laravel's email validation, in combination with how Symfony Mailer and Symfony Mime handle certain character sequences, may allow an unauthenticated attacker to interfere with outbound email processing in applications that send mail to user-supplied...
SQL Server LIMIT / OFFSET SQL Injection
Impact Those using SQL Server with Laravel and allowing user input to be passed directly to the limit and offset functions are vulnerable to SQL injection. Other database drivers such as MySQL and Postgres are not affected by this vulnerability. Patches This problem has been patched on Laravel...
Anonymous Open Redirect - Moderately Critical - Open Redirect
More info at https://www.drupal.org/sa-core-2018-006...
Injection in DefaultMailSystem::mail() - Critical - Remote Code Execution
More info at https://www.drupal.org/sa-core-2018-006...
CVE-2026-45755: Mailtrap Mailer Webhook Parser Never Verifies the X-Mt-Signature HMAC: Unauthenticated Webhook Event Injection
More info at https://symfony.com/cve-2026-45755...
TYPO3-CORE-SA-2026-018: Insecure Deserialization in Core API
More info at https://typo3.org/security/advisory/typo3-core-sa-2026-018...
TYPO3-CORE-SA-2026-015: Broken Access Control in Backend API
More info at https://typo3.org/security/advisory/typo3-core-sa-2026-015...
TYPO3-CORE-SA-2026-014: Broken Access Control in Clipboard
More info at https://typo3.org/security/advisory/typo3-core-sa-2026-014...
TYPO3-CORE-SA-2026-013: Broken Access Control in Media Module
More info at https://typo3.org/security/advisory/typo3-core-sa-2026-013...
TYPO3-CORE-SA-2026-012: Broken Access Control in DataHandler
More info at https://typo3.org/security/advisory/typo3-core-sa-2026-012...
TYPO3-CORE-SA-2026-006: TYPO3 HTML Sanitizer allows Cross-Site Scripting
More info at https://typo3.org/security/advisory/typo3-core-sa-2026-006...
JWSVerifier uses algorithm from unprotected header, enabling algorithm confusion attacks
Summary JWSVerifier::getAlgorithm in src/Library/Signature/JWSVerifier.php line 144 merges protected and unprotected headers using PHP's spread operator: php $completeHeader = ...$signature-getProtectedHeader, ...$signature-getHeader; In PHP, when spreading arrays with duplicate string keys, the...
Path traversal and reflected XSS in Flag and Icon Twig components
EasyAdminBundle ships two public Twig components — and — that load SVG files from disk using a path built directly from a public component property, and then render the resulting markup with the Twig |raw filter. When an application binds either of those properties to data that is influenced by a...
Regression in Query Parenthesis can have Security Implications
Return insensitive check after 8453 Problem: -andWhere"u.name = ?1 or u.username = ?1"; did not wrap part in parenthesis when or or and was written in lowercase anymore. It still worked for uppercase OR and AND. Fixes 8595...
Potentially sensitive data exposure
Description Impact Inside Gos\Bundle\WebSocketBundle\Server\App\Dispatcher\TopicDispatcher::onPublish, messages are arbitrarily broadcasted to the related Topic if Gos\Bundle\WebSocketBundle\Server\App\Dispatcher\TopicDispatcher::dispatch does not succeed. The dispatch method can be considered to...
EZSA-2020-004 Object Injection in SiteAccessMatchListener
More info at https://ezplatform.com/security-advisories/ezsa-2020-004-object-injection-in-siteaccessmatchlistener...
SSTI Vulnerability
More info at https://twitter.com/nystudio107/status/1268736336200171520?lang=en...
Fixes redirect uri validation in oauth
More info at https://github.com/FriendsOfSymfony/oauth2-php/releases/tag/1.3.0...
Unexpected bindings in QueryBuilder
This is a follow-up to the previous security advisory GHSA-3p32-j457-pg5x which addresses a few additional edge cases. If a request is crafted where a field that is normally a non-array value is an array, and that input is not validated or cast to its expected type before being passed to the quer...
Cross-Site Scripting in Form Framework validation handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-021...
EZSA-2019-004 CSRF token in login form is disabled by default
More info at https://share.ez.no/community-project/security-advisories/ezsa-2019-004-csrf-token-in-login-form-is-disabled-by-default...
Information Disclosure in Backend User Interface
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-014...
Information Disclosure in Backend User Interface
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-014...
EZSA-2019-003 XSS in eZFind spellcheck
More info at https://share.ez.no/community-project/security-advisories/ezsa-2019-003-xss-in-ezfind-spellcheck...
Arbitrary Code Execution via File List Module
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-008...
Information Disclosure of Installed Extensions
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-001...
Denial of service
Make the world a bit safer...
Cross-Site Scripting in Frontend User Login
More info at https://typo3.org/security/advisory/typo3-core-sa-2018-008...
Cross-Site Scripting in Online Media Asset Rendering
More info at https://typo3.org/security/advisory/typo3-core-sa-2018-006...
Denial of Service in Frontend Record Registration
More info at https://typo3.org/security/advisory/typo3-core-sa-2018-012...
Magento 2.2.7 and 2.1.16 Security update. Closes RCE,XSS and other vulnerabilities
More info at https://magento.com/security/patches/magento-2.2.7-and-2.1.16-security-update...
SS-2018-017: Possible PHP Object Injection via Multi-Value Field Extension
More info at https://www.silverstripe.org/download/security-releases/ss-2018-017/...
Privilege Escalation & SQL Injection in TYPO3 CMS
More info at https://typo3.org/security/advisory/typo3-core-sa-2018-003...
SUPEE-10752 - Multiple security enhancements vulnerabilities
More info at https://magento.com/security/patches/supee-10752...
URL Rewrite vulnerability
More info at https://framework.zend.com/security/advisory/ZF2018-01...
SS-2018-014: Dangerous file types in allowed upload
More info at https://www.silverstripe.org/download/security-releases/ss-2018-014/...
SS-2017-007: CSV Excel Macro Injection
More info at https://www.silverstripe.org/download/security-releases/ss-2017-007/...
Information Disclosure in TYPO3 CMS
More info at https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-006/...
EZSA-2017-006 Information disclosure in backend content tree menu
More info at http://share.ez.no/community-project/security-advisories/ezsa-2017-006-information-disclosure-in-backend-content-tree-menu...
Cross-Site Scripting in TYPO3 CMS
More info at https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-003/...