TYPO3-EXT-SA-2024-007: Insecure Direct Object Reference in extension "powermail" (powermail)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2024-007...
Possible sandbox bypass
More info at https://symfony.com/blog/twig-security-release-possible-sandbox-bypass...
TYPO3-EXT-SA-2024-006: Multiple vulnerabilities in "powermail" (powermail)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2024-006...
SS-2024-001 - TinyMCE allows svg files linked in object tags
More info at https://www.silverstripe.org/download/security-releases/ss-2024-001...
CVE-2024-29885 - Reports are still accessible even when canView is set to false
More info at https://www.silverstripe.org/download/security-releases/cve-2024-29885...
CVE-2024-32981 - XSS Vulnerability with text/html base64-encoded payload
More info at https://www.silverstripe.org/download/security-releases/cve-2024-32981...
Arbitrary Code Execution through Improper Restriction of XML External Entity Reference (XXE) vulnerability
More info at https://helpx.adobe.com/security/products/magento/apsb24-40.html...
TYPO3-EXT-SA-2024-004: Broken Access Control in "Integration of Friendly Captcha" (friendlycaptcha_official)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2024-004...
TYPO3-EXT-SA-2024-003: Multiple vulnerabilities in "Events 2" (events2)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2024-003...
Unsafe Reflection in base Component class
Yii2 supports attaching Behaviors to Components by setting properties having the format 'as '. Internally this is done using the __set magic method. If the value passed to this method is not an instance of the Behavior class, a new object is instantiated using Yii::createObject($value). However, ther...
Insecure HTTPS Connections due to Missing Default Certificate Validation
More info at https://huntr.com/bounties/8d59c089-92f1-4b73-90f8-54968a70e2fb...
mdanter/ecc affected by timing vulnerability in cryptographic side-channels
phpecc, as used in all versions of mdanter/ecc, as well as paragonie/ecc before 2.0.1, has a branch-based timing leak in Point addition. This Composer package is also known as phpecc/phpecc on GitHub, previously known as the Matyas Danter ECC library. Paragon Initiative Enterprises hard-forked...
Cryptographic side-channels in PHPECC
ECDSA Canonicalization: PHPECC is vulnerable to malleable ECDSA signature attacks. Constant-Time Signer: When generating a new ECDSA signature, the GMPMath adapter was used. This class wraps the GNU Multiple Precision arithmetic library (GMP), which does not aim to provide constant-time implementatio...
Deserialization of Untrusted Data in timber/timber
Summary: Timber is vulnerable to PHAR deserialization due to a lack of checking the input before passing it into the file_exists function. If an attacker can upload files of any type to the server, he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP...
TYPO3-EXT-SA-2024-002: Authentication Bypass in "OpenID Connect Authentication" (oidc)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2024-002...
Deserialization Gadget chain in Symfony sfNamespacedParameterHolder
Summary: Symfony 1 has a gadget chain due to a dangerous unserialize in the sfNamespacedParameterHolder class that would enable an attacker to get remote code execution if a developer unserializes user input in his project. Details: This vulnerability presents no direct threat but is a vector that will...
phpseclib a large prime can cause a denial of service
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-2528-jw5q-ww88. This link is maintained to preserve external references. Original Description: An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. An attacker can...
phpseclib does not properly limit the ASN1 OID length
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-f2qx-66wf-wvvx. This link is maintained to preserve external references. Original Description: An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. When processing the...
Deserialization Gadget chain in Swift Mailer dependency
Summary: Symfony 1 has a gadget chain due to a vulnerable Swift Mailer dependency that would enable an attacker to get remote code execution if a developer unserializes user input in his project. Details: This vulnerability presents no direct threat but is a vector that will enable remote code executio...
CVE-2023-49783 No permission checks for editing or deleting records with CSV import form
More info at https://www.silverstripe.org/download/security-releases/CVE-2023-49783...
CVE-2023-44401 View permissions are bypassed for paginated lists of ORM data in GraphQL queries
More info at https://www.silverstripe.org/download/security-releases/CVE-2023-44401...
TYPO3-EXT-SA-2023-010: Broken Access Control in extension "femanager" (femanager)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-010...
TYPO3-EXT-SA-2023-011: Configuration Injection in extension "Direct Mail" (direct_mail)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-011...
Denial of service caused by infinite recursion when parsing SVG images
More info at https://nvd.nist.gov/vuln/detail/CVE-2023-50262...
Test code in published microsoft-graph-core package exposes phpinfo()
More info at https://nvd.nist.gov/vuln/detail/CVE-2023-49283...
Test code in published microsoft-graph package exposes phpinfo()
More info at https://nvd.nist.gov/vuln/detail/CVE-2023-49282...
phpseclib vulnerable to denial of service
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-2f25-pfq3-c7h8. This link is maintained to preserve external references. Original Description: In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively large degrees in binary fields can lead to a denial...
Potential URI resolution path traversal in the AWS SDK for PHP
More info at https://nvd.nist.gov/vuln/detail/CVE-2023-51651...
TYPO3-EXT-SA-2023-009: Insecure Direct Object Reference in extension "Content Consent" (content_consent)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-009...
TYPO3-CORE-SA-2023-006: Weak Authentication in Session Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2023-006...
CVE-2023-46735: Potential XSS in WebhookController
More info at https://symfony.com/cve-2023-46735...
CVE-2023-40180 DDOS Vulnerability on GraphQL due to lack of protection against recursive queries
More info at https://www.silverstripe.org/download/security-releases/CVE-2023-40180...
TYPO3-EXT-SA-2023-008: Broken Access Control in extension "femanager" (femanager)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-008...
symfony/ux-autocomplete Prevent injection of invalid entity ids for "autocomplete" fields
Impact: Under certain circumstances, an attacker could successfully submit an entity id for an EntityType that is not part of the valid choices. Affected applications are any that use: a custom querybuilder option to limit the valid results; AND an EntityType with 'autocomplete' = true or a custom...
Snappy PHAR deserialization vulnerability
Issue: On March 17th the vulnerability CVE-2023-28115 was disclosed, allowing an attacker to gain remote code execution through PHAR deserialization. To fix this issue, version 1.4.2 was released with an additional check in the affected function to prevent the usage of the phar:// wrapper...
TYPO3-EXT-SA-2023-007: Broken Access Control in extension "hCaptcha for EXT:form" (hcaptcha)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-007...
Observable Response Discrepancy on Admin Login
Description: Impact: The Admin Login form allows an attacker to detect which usernames and emails exist and which do not. Impacted by this issue are Sulu installation = 2.5.0 and getMessage; instead the $exception->getMessageKey(); References: Currently no references...
SS-2023-002 - Cross-site scripting (XSS) vulnerabilities inherited from TinyMCE
More info at https://www.silverstripe.org/download/security-releases/SS-2023-002...
CVE-2023-32302 - Members with no password can be created and bypass custom login forms
More info at https://www.silverstripe.org/download/security-releases/CVE-2023-32302...
TYPO3-EXT-SA-2023-005: SQL Injection in extension "ipandlanguageredirect" (ipandlanguageredirect)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-005...
TYPO3-EXT-SA-2023-004: Cross-Site Scripting in extension "Faceted Search" (ke_search)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-004...
Microweber Business Logic Errors
More info at https://nvd.nist.gov/vuln/detail/CVE-2023-6566...