Search CVE reports


Toggle filters

61 – 70 of 42692 results

Status is adjusted based on your filters.


CVE-2026-45133

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, when the parser is exposed to attacker-controlled input, deeply nested mappings or...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45075

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 7.4.12 and 8.0.12, method-scoped #[IsGranted], #[IsSignatureValid], and #[IsCsrfTokenValid] attributes can be configured...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45073

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, PdoAdapter::doClear() builds a DELETE statement using a namespace derived from the...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45072

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.4.24 until 6.4.40, 7.4.12, and 8.0.12, the development profiler file_excerpt Twig filter escapes PHP files...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45070

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Mime\Header\ParameterizedHeader validates and encodes parameter...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45069

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, OidcTokenHandler::verifyClaims() registered audience (aud), issuer (iss), and expiry (exp)...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45064

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0-BETA1 until 6.4.40, 7.4.12, and 8.0.12, UrlSanitizer::parse() passes Unicode explicit-direction BiDi...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-45063

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Authenticator extracts the user identifier from $_SERVER['SSL_CLIENT_S_DN'] with an...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2026-57108

Medium priority

Not in release

Access of resource using incompatible type ('type confusion') in .NET Core allows an unauthorized attacker to deny service over a network.

5 affected packages

dotnet6, dotnet7, dotnet8, dotnet9, dotnet10

Package 20.04 LTS
dotnet6 Not in release
dotnet7 Not in release
dotnet8 Not in release
dotnet9 Not in release
dotnet10 Not in release
Show less packages

CVE-2026-45756

Medium priority
Needs evaluation

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 7.3.0-BETA1 until 7.4.12 and 8.0.12, the JsonPath component compiles attacker-controlled match() and search() filter patterns...

1 affected package

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages