The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Symfony

Symfony: information disclosure via UriSigner Time Comparison
An attacker can bypass access restrictions to data via UriSigner Time Comparison of Symfony, in order to obtain sensitive information...
CVE-2019-18887, DLA-1999-1, DSA-4573-1, FEDORA-2019-5ae4fd9203, FEDORA-2019-8b0ba02338, FEDORA-2019-9c2ad3b018, VIGILANCE-VUL-30863
Symfony: information disclosure via Switch User Enumeration
An attacker can bypass access restrictions to data via Switch User Enumeration of Symfony, in order to obtain sensitive information...
CVE-2019-18886, DLA-1999-1, VIGILANCE-VUL-30862
Symfony: Cross Site Scripting via VarExporter
An attacker can trigger a Cross Site Scripting via VarExporter of Symfony, in order to run JavaScript code in the context of the web site...
CVE-2019-11325, VIGILANCE-VUL-30861
jQuery, Symfony: Cross Site Scripting via templates
An attacker can trigger a Cross Site Scripting via templates for Symfony, in order to run JavaScript code in the context of the web site...
bulletinoct2019, CERTFR-2019-AVI-180, cpujan2020, cpuoct2019, CVE-2019-10909, CVE-2019-11358, DLA-1777-1, DLA-1777-2, DLA-1778-1, DLA-1797-1, DRUPAL-SA-CORE-2019-005, DRUPAL-SA-CORE-2019-006, DSA-4434-1, DSA-4441-1, FEDORA-2019-2a7f472198, FEDORA-2019-32067d8b15, FEDORA-2019-3ee6a7adf2, FEDORA-2019-a3ca65028c, FEDORA-2019-f8db687840, ibm10882578, ibm10882596, ibm10882756, ibm10882762, ibm10882952, ibm10882956, openSUSE-SU-2019:1839-1, openSUSE-SU-2019:1872-1, RHSA-2019:1456-01, Synology-SA-19:19, TYPO3-CORE-SA-2019-009, TYPO3-CORE-SA-2019-010, TYPO3-CORE-SA-2019-011, TYPO3-CORE-SA-2019-012, TYPO3-CORE-SA-2019-013, TYPO3-PSA-2019-004, TYPO3-PSA-2019-005, TYPO3-PSA-2019-006, VIGILANCE-VUL-29070
Symfony: read-write access via destructors
An attacker can bypass access restrictions via destructors of Symfony, in order to delete or alter data...
CVE-2019-10912, DSA-4441-1, FEDORA-2019-2a7f472198, FEDORA-2019-32067d8b15, FEDORA-2019-3ee6a7adf2, FEDORA-2019-a3ca65028c, FEDORA-2019-f8db687840, VIGILANCE-VUL-29069
Symfony, Drupal: privilege escalation via the "remember me" cookie
An attacker can bypass restrictions via the "remember me" cookie of Symfony or Drupal, in order to escalate his privileges...
CERTFR-2019-AVI-180, CVE-2019-10911, DLA-1778-1, DRUPAL-SA-CORE-2019-005, DRUPAL-SA-CORE-2019-006, DSA-4441-1, FEDORA-2019-2a7f472198, FEDORA-2019-32067d8b15, FEDORA-2019-3ee6a7adf2, FEDORA-2019-a3ca65028c, FEDORA-2019-f8db687840, ibm10882578, ibm10882596, ibm10882756, ibm10882762, ibm10882952, ibm10882956, Synology-SA-19:19, VIGILANCE-VUL-29065
Symfony, Drupal: code execution via service IDs
An attacker can use a vulnerability via service IDs of Symfony or Drupal, in order to run code...
CERTFR-2019-AVI-180, CVE-2019-10910, DLA-1778-1, DRUPAL-SA-CORE-2019-005, DRUPAL-SA-CORE-2019-006, DSA-4441-1, FEDORA-2019-2a7f472198, FEDORA-2019-32067d8b15, FEDORA-2019-3ee6a7adf2, FEDORA-2019-a3ca65028c, FEDORA-2019-f8db687840, ibm10882578, ibm10882596, ibm10882756, ibm10882762, ibm10882952, ibm10882956, Synology-SA-19:19, VIGILANCE-VUL-29064
Symfony: Cross Site Request Forgery via X-Http-Method-Override
An attacker can trigger a Cross Site Request Forgery via X-Http-Method-Override of Symfony, in order to force the victim to perform operations...
CVE-2019-10913, DLA-1778-1, DSA-4441-1, FEDORA-2019-2a7f472198, FEDORA-2019-32067d8b15, FEDORA-2019-3ee6a7adf2, FEDORA-2019-a3ca65028c, FEDORA-2019-f8db687840, VIGILANCE-VUL-29062
Symfony: open redirect via Backslashes
An attacker can deceive the user via Backslashes of Symfony, in order to redirect him to a malicious site...
CVE-2018-19790, DLA-1707-1, DSA-4441-1, EZSA-2018-010, FEDORA-2018-66547a8c14, FEDORA-2018-6edf04d9d6, FEDORA-2018-84a1f77d89, FEDORA-2018-8c06b6defd, FEDORA-2018-8d3a9bdff1, FEDORA-2018-b38a4dd0c7, VIGILANCE-VUL-27979
Symfony: information disclosure via File Uploads Form Types
An attacker can bypass access restrictions to data via File Uploads Form Types of Symfony, in order to obtain sensitive information...
CVE-2018-19789, DLA-1707-1, DSA-4441-1, EZSA-2018-010, FEDORA-2018-66547a8c14, FEDORA-2018-6edf04d9d6, FEDORA-2018-84a1f77d89, FEDORA-2018-8c06b6defd, FEDORA-2018-8d3a9bdff1, FEDORA-2018-b38a4dd0c7, VIGILANCE-VUL-27978
Our database contains other pages. You can request a free trial to read them.

Display information about Symfony: