Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
simplesamlphp simplesamlphp vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-7065
In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.
Php Php
Debian Debian Linux 10.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Tenable Tenable.sc
4.3
CVSSv2
CVE-2018-14040
In Bootstrap prior to 4.1.2, XSS is possible in the collapse data-parent attribute.
Debian Debian Linux 8.0
Getbootstrap Bootstrap
Getbootstrap Bootstrap 4.0.0
2 Github repositories
4.3
CVSSv2
CVE-2018-14042
In Bootstrap prior to 4.1.2, XSS is possible in the data-container property of tooltip.
Getbootstrap Bootstrap
Getbootstrap Bootstrap 4.0.0
2 Github repositories
4.3
CVSSv2
CVE-2018-20676
In Bootstrap prior to 3.4.0, XSS is possible in the tooltip data-viewport attribute.
Getbootstrap Bootstrap
4.3
CVSSv2
CVE-2018-20677
In Bootstrap prior to 3.4.0, XSS is possible in the affix configuration target property.
Getbootstrap Bootstrap
1 Github repository
5
CVSSv2
CVE-2019-11044
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is ...
Php Php 7.4.0
Php Php
Tenable Securitycenter
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5
CVSSv2
CVE-2019-11048
In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request...
Php Php
4.3
CVSSv2
CVE-2021-21704
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid respon...
Php Php
Netapp Clustered Data Ontap -
7.9
CVSSv2
CVE-2017-5661
In Apache FOP prior to 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the use...
Apache Formatting Objects Processor
6.4
CVSSv2
CVE-2020-7061
In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.
Php Php
Tenable Tenable.sc
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »