TYPO3-CORE-SA-2026-006: TYPO3 HTML Sanitizer allows Cross-Site Scripting
More info at https://typo3.org/security/advisory/typo3-core-sa-2026-006...
XML injection via CDATA terminator in XML request serialization
Impact guzzlehttp/guzzle-services does not safely serialize scalar XML element values containing the CDATA terminator `]]>`. The XML request serializer writes values containing `<`, `>` or `&` with XMLWriter::writeCData($value). If attacker-controlled input contains `]]>`, the CDATA section closes early and the...
CRLF injection via URI host component
Impact guzzlehttp/psr7 did not reject ASCII control characters, whitespace, or DEL in first-party URI host components. The issue requires a PSR-7 request to be serialized into a raw HTTP/1.x message, for example with GuzzleHttp\Psr7\Message::toString or an equivalent custom serializer. Creating a...
CVE-2026-45075: HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]
More info at https://symfony.com/cve-2026-45075...
Command injection via malicious Perforce source reference/url
Impact The Perforce::syncCodeBase method appended the $sourceReference parameter to a shell command without proper escaping, allowing an attacker to inject arbitrary commands through a crafted source reference containing shell metacharacters. Further as in GHSA-wg36-wvj6-r67p / CVE-2026-40176 the...
Insufficient nonce entropy
Impact Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source (https://github.com/guzzle/oauth-subscriber/blob/0.8.0/src/Oauth1.php#L192). This can leave servers vulnerable to replay attacks when TLS is not used. Patches Upgrade to version 0.8.1 or higher...
EZSA-2019-002 Password reset vulnerability
More info at https://share.ez.no/community-project/security-advisories/ezsa-2019-002-password-reset-vulnerability...
EZSA-2019-001 XSS in Admin UI
More info at https://share.ez.no/community-project/security-advisories/ezsa-2019-001-xss-in-admin-ui...
Security Misconfiguration for Backend User Accounts
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-002...
Information Disclosure in Install Tool
More info at https://typo3.org/security/advisory/typo3-core-sa-2018-010...
Security Misconfiguration in Install Tool Cookie
More info at https://typo3.org/security/advisory/typo3-core-sa-2018-009...
Denial of Service in Online Media Asset Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2018-011...
EZSA-2018-009 Do not interpret PHP/PHAR uploads
More info at http://share.ez.no/community-project/security-advisories/ezsa-2018-009-do-not-interpret-php-phar-uploads...
Magento 2.2.5 and 2.1.14 Security update
More info at https://magento.com/security/patches/magento-2.2.5-and-2.1.14-security-update...
SS-2018-010: Member disclosure in login form
More info at https://www.silverstripe.org/download/security-releases/ss-2018-010/...
SS-2018-004: XSS Vulnerability via WYSIWYG editor
More info at https://www.silverstripe.org/download/security-releases/ss-2018-004/...
Remote Code Execution Vulnerability
More info at https://community.shopware.com/detail1989.html...
Frontend login Session Fixation
More info at https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-003/...
Incorrect CSRF validation
More info at https://bakery.cakephp.org/2015/05/07/cakephp304released.html...
User authentication bypass
More info at https://thelia.net/version-2-1-3-with-security-fix...
XSS vulnerability in login redirect param
Security advisory: XSS vulnerability in login redirect param. ScnSocialAuth version 1.15.2 has been released and includes a security fix for this vulnerability. The fix has been applied in 4a00966. Affected versions: all versions below 1.15.2 are affected; dev-master is fixed starting from 4a00966. Exploits...
Exploit of encryption failure vulnerability
More info at https://medium.com/@taylorotwell/laravel-security-release-5-6-15-and-5-5-40-56f1257933a0...
CVE-2026-48760: HtmlSanitizer URL Parser Deny Gates Underinclusive: Percent-Encoded BiDi Marks and Unicode Whitespace Bypass Visual-Spoofing Defense
More info at https://symfony.com/cve-2026-48760...
CVE-2026-45070: Email Header Injection via Non-Token Characters in Mime Parameter Names
More info at https://symfony.com/cve-2026-45070...
CVE-2026-45133: YAML Parser Stack Exhaustion via Unbounded Recursion in Nested Blocks, Sequences, and Mappings
More info at https://symfony.com/cve-2026-45133...
Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php`
More info at https://symfony.com/blog/cve-2026-48805-sandbox-state-regression-in-deprecated-internal-wrappers-in-src-resources-core-php...
CVE-2026-45067: Email Header / SMTP Command Injection via CRLF in Symfony\Component\Mime\Address
More info at https://symfony.com/cve-2026-45067...
Drupal core - Moderately critical - Multiple vulnerabilities - SA-CORE-2019-010
More info at https://www.drupal.org/sa-core-2019-010...
Laravel CRLF injection in default email rule
Summary A CRLF injection vulnerability in Laravel's email validation, in combination with how Symfony Mailer and Symfony Mime handle certain character sequences, may allow an unauthenticated attacker to interfere with outbound email processing in applications that send mail to user-supplied...
CVE-2026-48747: Mailomat Mailer Webhook Parser Reads the HMAC Algorithm from the Request: Signature Algorithm Downgrade
More info at https://symfony.com/cve-2026-48747...
CVE-2026-45065: UrlGenerator Route-Requirement Bypass via Unanchored Regex Alternation → Off-Site //host URL Injection
More info at https://symfony.com/cve-2026-45065...
CVE-2025-64500: Incorrect parsing of PATH_INFO can lead to limited authorization bypass
More info at https://symfony.com/blog/cve-2025-64500-incorrect-parsing-of-path-info-can-lead-to-limited-authorization-bypass...
Dot-only cookie domains match all hosts
Impact CookieJar incorrectly accepts cookies with a dot-only Domain attribute, such as Domain=., Domain=.., Domain=..., and whitespace-padded variants such as Domain= . . In affected versions, SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the...
CompilerRuntime code injection via unescaped function names
More info at https://github.com/jmespath/jmespath.php/security/advisories/GHSA-pcw8-m77r-2528...
TYPO3-CORE-SA-2026-007: Broken Access Control in File Abstraction Layer
More info at https://typo3.org/security/advisory/typo3-core-sa-2026-007...
Chacha20Poly1305 key-encryption algorithm discards the Poly1305 authentication tag, performing no authentication on decryption
Impact The experimental Chacha20Poly1305 key-encryption algorithm generates the 16-byte Poly1305 authentication tag during encryptKey but discards it: the tag is never written to the header and therefore never reaches the wire. On the receiving side, decryptKey calls...
PBES2-HS*+A*KW unwrap accepts an unbounded p2c iteration count, enabling CPU-amplification denial of service
Impact When a JWE uses a password-based key-encryption algorithm (PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW), PBES2AESKW::unwrapKey reads the p2c (PBKDF2 iteration count) parameter directly from the attacker-controlled JOSE header and passes it to hash_pbkdf2 with no upper bound. The...
Path traversal and reflected XSS in Flag and Icon Twig components
More info at https://github.com/EasyCorp/EasyAdminBundle/security/advisories/GHSA-2wwr-9x6f-88gp...
TYPO3-EXT-SA-2026-012: SQL Injection in extension "Address List" (tt_address)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2026-012...
Drupal core - Moderately critical - Open Redirect - SA-CORE-2020-003
More info at https://www.drupal.org/sa-core-2020-003...
By-passing Protection of PharStreamWrapper Interceptor
More info at https://typo3.org/security/advisory/typo3-psa-2018-001...
SS-2018-015: Vulnerable dependency
More info at https://www.silverstripe.org/download/security-releases/ss-2018-015/...
Drupal core - Moderately critical - Denial of Service
More info at https://www.drupal.org/sa-core-2024-001...
CVE-2026-47212: Twilio Notifier Webhook Parser Never Verifies the X-Twilio-Signature HMAC: Unauthenticated Webhook Event Injection
More info at https://symfony.com/cve-2026-47212...
CVE-2026-48784: UrlGenerator Dot-Segment Encoding Skips Every Other Chained `../` or `./` → Generated URL Collapses Off-Route Under RFC 3986 Normalization
More info at https://symfony.com/cve-2026-48784...
CVE-2026-45754: Mailjet Mailer and LOX24 Notifier Webhook Parsers Never Verify the Configured Secret: Unauthenticated Webhook Event Injection
More info at https://symfony.com/cve-2026-45754...
CVE-2026-45074: Cas2Handler Derives CAS service URL from Client Host Header → Cross-Service Ticket Replay
More info at https://symfony.com/cve-2026-45074...
CVE-2026-45077: Unauthenticated PHP Object Deserialization in MonologBridge server:log Listener
More info at https://symfony.com/cve-2026-45077...