Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0 vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2019-1599
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network s...
Cisco Nx-os
7.8
CVSSv3
CVE-2019-1585
A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local malicious user to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguratio...
Cisco Nx-os 8.3\\(0\\)sk\\(0.39\\)
Cisco Application Policy Infrastructure Controller Software
5.3
CVSSv3
CVE-2018-19789
An issue exists in Symfony 2.7.x prior to 2.7.50, 2.8.x prior to 2.8.49, 3.x prior to 3.4.20, 4.0.x prior to 4.0.15, 4.1.x prior to 4.1.9, and 4.2.x prior to 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`) of a class that's t...
Sensiolabs Symfony
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2018-19790
An open redirect exists in Symfony 2.7.x prior to 2.7.50, 2.8.x prior to 2.8.49, 3.x prior to 3.4.20, 4.0.x prior to 4.0.15, 4.1.x prior to 4.1.9 and 4.2.x prior to 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redi...
Sensiolabs Symfony
Fedoraproject Fedora 28
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2018-19290
In modules/HELPBOT_MODULE in Budabot 0.6 up to and including 4.0, lax syntax validation allows remote malicious users to perform a command injection attack against the PHP daemon with a crafted command, resulting in a denial of service or possibly unspecified other impact, as dem...
Budabot Budabot
5.9
CVSSv3
CVE-2017-16653
An issue exists in Symfony prior to 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The current implementation of CSRF protection in Symfony (Version >=2) does not use different tokens for HTTP and HTTPS; therefore the token is subject to MITM attacks on HTTP and can...
Sensiolabs Symfony
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2017-16790
An issue exists in Symfony prior to 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler classes of the Form component merge POST data and uploaded files data into one array. This big array forms the data that are the...
Sensiolabs Symfony
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-16654
An issue exists in Symfony prior to 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read() methods of these classes use a path and a locale to determ...
Sensiolabs Symfony
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2018-11406
An issue exists in the Security component in Symfony 2.7.x prior to 2.7.48, 2.8.x prior to 2.8.41, 3.3.x prior to 3.3.17, 3.4.x prior to 3.4.11, and 4.0.x prior to 4.0.11. By default, a user's session is invalidated when the user is logged out. This behavior can be disabled ...
Sensiolabs Symfony
Debian Debian Linux 9.0
8.1
CVSSv3
CVE-2018-11385
An issue exists in the Security component in Symfony 2.7.x prior to 2.7.48, 2.8.x prior to 2.8.41, 3.3.x prior to 3.3.17, 3.4.x prior to 3.4.11, and 4.0.x prior to 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an malicious user to i...
Sensiolabs Symfony
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 28
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »