• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-502

CVE-2019-16774

February 26, 2023 by

In phpfastcache before 5.1.3, there is a possible object injection vulnerability in cookie driver.

CVE-2019-16317

February 26, 2023 by

In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different vulnerability than CVE-2019-10867 and CVE-2019-16318.

CVE-2019-16335

February 26, 2023 by

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.

CVE-2019-16112

February 26, 2023 by

TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI.

CVE-2019-15780

February 26, 2023 by

The formidable plugin before 4.02.01 for WordPress has unsafe deserialization.

CVE-2019-15521

February 26, 2023 by

Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie containing an object.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 57
  • Go to page 58
  • Go to page 59
  • Go to page 60
  • Go to page 61
  • Interim pages omitted …
  • Go to page 129
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE