Insecure Deserialization in Query Generator & Query View

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-026...

Directory Traversal on ZIP extraction

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-024...

EZSA-2019-005 Bundled jQuery affected by CVE-2019-11358

More info at https://share.ez.no/community-project/security-advisories/ezsa-2019-005-bundled-jquery-affected-by-cve-2019-11358...

PRODSECBUG-2095: Defense-in-depth session validation check implemented

More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33...

PRODSECBUG-2380: Stored cross-site scripting in the Currency Symbols field

More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...

Exposed suppressed username or log in Special:EditTags

More info at https://phabricator.wikimedia.org/T222036...

Cross-Site Scripting in Fluid Engine

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-013...

Potential RCE if filename starts with phar://

More info at https://pear.php.net/bugs/bug.php?id=23782...

CVE-2018-11407: Unauthorized access on a misconfigured LDAP server when using an empty password

More info at https://symfony.com/cve-2018-11407...

Highly critical - Remote Code Execution

More info at https://www.drupal.org/sa-core-2018-002...

jQuery vulnerability with untrusted domains.

More info at https://www.drupal.org/SA-CORE-2018-001...

JavaScript cross-site scripting prevention is incomplete.

More info at https://www.drupal.org/SA-CORE-2018-001...

Remote attackers could obtain potentially sensitive information from exception messages printed by the error handler in non-debug mode.

More info at https://www.yiiframework.com/news/165/yii-2-0-14-is-released/...

Views can allow unauthorized users to see Statistics information

More info at https://www.drupal.org/SA-CORE-2016-002...

CVE-2016-4423: Large username storage in session

More info at https://symfony.com/cve-2016-4423...

XXE/XEE vector when using ZendXml on multibyte payloads

More info at https://framework.zend.com/security/advisory/ZF2015-06...

Possible link spoofing on the homepage when anchors are used

More info at https://typo3.org/security/advisory/typo3-core-sa-2014-003...

SQL injection vector when manually quoting values for sqlsrv extension, using null byte

More info at https://framework.zend.com/security/advisory/ZF2014-06...

Improper Session Invalidation

More info at https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/...

Authentication bypass via attacker provided openid server

Description Impact The outdated version 1 of the Steam Socialite Provider doesn't check properly if the login comes from steamcommunity.com, allowing a malicious actor to substitute their own openID server. Patches This vulnerability only affects the outdated v1.x versions of the package. These a...

Drupal core - Critical - Cross-site scripting - SA-CORE-2021-003

More info at https://www.drupal.org/sa-core-2021-003...

Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2020-007

More info at https://www.drupal.org/sa-core-2020-007...

Unguarded calls to __toString() when nesting an object into an array

More info at https://symfony.com/blog/cve-2024-51754-unguarded-calls-to-tostring-in-a-sandbox-when-an-object-is-in-an-array-or-an-argument-list...

CVE-2019-10911: Add a separator in the remember me cookie hash

More info at https://symfony.com/cve-2019-10911...

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...

CVE-2019-10910: Check service IDs are valid

More info at https://symfony.com/cve-2019-10910...

Use of a Broken or Risky Cryptographic Algorithm

✍️ Description The function mtrand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are...

Arbitrary Code Execution through Improper Restriction of XML External Entity Reference (XXE) vulnerability

More info at https://helpx.adobe.com/security/products/magento/apsb24-40.html...

phpseclib a large prime can cause a denial of service

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2528-jw5q-ww88. This link is maintained to preserve external references. Original Description An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. An attacker can...

TYPO3-EXT-SA-2023-007: Broken Access Control in extension "hCaptcha for EXT:form" (hcaptcha)

More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-007...

Directory traversal vulnerability in the file manager

More info at https://contao.org/en/security-advisories/directory-traversal-in-the-file-manager.html...

CVE-2022-24894: Prevent storing cookie headers in HttpCache

More info at https://symfony.com/cve-2022-24894...

TYPO3-CORE-SA-2022-006: Denial of Service in Page Error Handling

More info at https://typo3.org/security/advisory/typo3-core-sa-2022-006...

Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014

More info at https://www.drupal.org/sa-core-2022-014...

Fix failure to strip Authorization header on HTTP downgrade

Impact Authorization headers on requests are sensitive information. On making a request using the https scheme to a server which responds with a redirect to a URI with the http scheme, we should not forward the Authorization header on. This is much the same as to how we don't forward on the heade...

Inproper parsing of HTTP headers

Impact Improper header parsing. An attacker could sneak in a carriage return character \r and pass untrusted values in both the header names and values. Patches The issue is patched in 1.8.4 and 2.1.1. Workarounds There are no known workarounds. References...

SQL Injection in Limit Clause Generation API

We have released a new version Doctrine DBAL 3.1.4 that fixes a critical SQL injection vulnerability in the LIMIT clause generation API provided by the Platform abstraction. We advise everyone using Doctrine DBAL 3.0.0 up to 3.1.3 to upgrade to 3.1.4 immediately. The vulnerability can happen when...

CVE-2021-41268: Remember me cookie persistance after password changes

More info at https://symfony.com/cve-2021-41268...

TYPO3-CORE-SA-2021-014: Cross-Site-Request-Forgery in Backend URI Handling

More info at https://typo3.org/security/advisory/typo3-core-sa-2021-014...

Read private customer data reclaiming carts

Klaviyo read customer quotes for guest carts April 28th I've found a endpoint in a thirth party module Klaviyo Magento 2 which allows to read private customer data from stores. It works by reclaiming any guest-cart as your own and reading the private data for the orders in the Magento API. Data...

TYPO3-CORE-SA-2021-007: Cross-Site Scripting in Content Preview

More info at https://typo3.org/security/advisory/typo3-core-sa-2021-007...

TYPO3-CORE-SA-2021-003: Broken Access Control in Form Framework

More info at https://typo3.org/security/advisory/typo3-core-sa-2021-003...

Special:UserRights exposes the existence of hidden users

More info at https://phabricator.wikimedia.org/T232568...

TYPO3-CORE-SA-2020-007: Potential Privilege Escalation

More info at https://typo3.org/security/advisory/typo3-core-sa-2020-007...

CVE-2020-6164: Information disclosure on /interactive URL path

More info at https://www.silverstripe.org/download/security-releases/cve-2020-6164/...

SQL injection relating to data display

More info at https://www.phpmyadmin.net/security/PMASA-2020-4/...

SQL injection in user accounts page

More info at https://www.phpmyadmin.net/security/PMASA-2020-1/...

Insecure Deserialization in TYPO3 CMS

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-020...

PRODSECBUG-2116: Stored cross-site scripting in the catalog events feature

More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...

PRODSECBUG-2246: Stored cross-site scripting in the WYSIWYG editor

More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...