Search CVE reports


Toggle filters

131 – 140 of 42760 results

Status is adjusted based on your filters.


CVE-2026-45064

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0-BETA1 until 6.4.40, 7.4.12, and 8.0.12, UrlSanitizer::parse() passes Unicode explicit-direction BiDi...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45063

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Authenticator extracts the user identifier from $_SERVER['SSL_CLIENT_S_DN'] with an...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-57108

Medium priority

Not in release

Access of resource using incompatible type ('type confusion') in .NET Core allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 20.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-45756

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 7.3.0-BETA1 until 7.4.12 and 8.0.12, the JsonPath component compiles attacker-controlled match() and search() filter patterns...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45077

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the server:log listener (Symfony\Bridge\Monolog\Command\ServerLogCommand) binds to...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45074

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 7.1.0 until 7.4.12 and 8.0.12, Cas2Handler builds the CAS service parameter from Request::getSchemeAndHttpHost(), which...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45067

Medium priority
Needs evaluation

### Description `Symfony\Component\Mime\Address` is the value-object every Symfony Mailer address (to/cc/bcc/from/reply-to) flows through; its constructor is documented as validating the address and throwing on invalid input,...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45066

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0-BETA1 until 6.4.40, 7.4.12, and 8.0.12, HtmlSanitizer URL sanitization can allow off-allowlist URLs...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45065

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, UrlGenerator validates route parameters against a pattern built as ^ plus the raw...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-15747

Medium priority
Needs evaluation

Mojolicious versions from 4.59 before 9.48 for Perl expose a stable representation of the session CSRF token to a BREACH compression oracle. _csrf_token generates and caches one token per session and returns the same value on...

1 affected package

libmojolicious-perl

Package 20.04 LTS
libmojolicious-perl Needs evaluation
Show less packages