The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of eZ Platform

eZ Systems eZ Platform: Cross Site Scripting via User Preferences
An attacker can trigger a Cross Site Scripting via User Preferences of eZ Systems eZ Platform, in order to run JavaScript code in the context of the web site...
VIGILANCE-VUL-31741
Symfony: privilege escalation via MimeTypeGuesser Argument Injection
An attacker can bypass restrictions via MimeTypeGuesser Argument Injection of Symfony, in order to escalate his privileges...
CVE-2019-18888, DLA-1999-1, DSA-4573-1, FEDORA-2019-8b0ba02338, VIGILANCE-VUL-30864
Symfony: information disclosure via UriSigner Time Comparison
An attacker can bypass access restrictions to data via UriSigner Time Comparison of Symfony, in order to obtain sensitive information...
CVE-2019-18887, DLA-1999-1, DSA-4573-1, FEDORA-2019-5ae4fd9203, FEDORA-2019-8b0ba02338, FEDORA-2019-9c2ad3b018, VIGILANCE-VUL-30863
jQuery Core: privilege escalation via Object.prototype Pollution
An attacker can bypass restrictions via Object.prototype Pollution of jQuery Core, in order to escalate his privileges...
bulletinoct2019, cpuapr2020, cpujan2020, cpujul2019, cpujul2020, cpuoct2019, CVE-2019-11358, DLA-1797-1, DLA-2118-1, DRUPAL-SA-CORE-2019-005, DRUPAL-SA-CORE-2019-006, DSA-4460-1, EZSA-2019-005, FEDORA-2019-2a0ce0c58c, FEDORA-2019-a06dffab1c, FEDORA-2019-f563e66380, NTAP-20190919-0001, openSUSE-SU-2019:1839-1, openSUSE-SU-2019:1872-1, RHSA-2019:1456-01, Synology-SA-19:19, VIGILANCE-VUL-29030
Symfony: open redirect via Backslashes
An attacker can deceive the user via Backslashes of Symfony, in order to redirect him to a malicious site...
CVE-2018-19790, DLA-1707-1, DSA-4441-1, EZSA-2018-010, FEDORA-2018-66547a8c14, FEDORA-2018-6edf04d9d6, FEDORA-2018-84a1f77d89, FEDORA-2018-8c06b6defd, FEDORA-2018-8d3a9bdff1, FEDORA-2018-b38a4dd0c7, VIGILANCE-VUL-27979
Symfony: information disclosure via File Uploads Form Types
An attacker can bypass access restrictions to data via File Uploads Form Types of Symfony, in order to obtain sensitive information...
CVE-2018-19789, DLA-1707-1, DSA-4441-1, EZSA-2018-010, FEDORA-2018-66547a8c14, FEDORA-2018-6edf04d9d6, FEDORA-2018-84a1f77d89, FEDORA-2018-8c06b6defd, FEDORA-2018-8d3a9bdff1, FEDORA-2018-b38a4dd0c7, VIGILANCE-VUL-27978
Symfony: open redirect via Security Handlers
An attacker can deceive the user via Security Handlers of Symfony, in order to redirect him to a malicious site...
CVE-2018-11408, DLA-1707-1, EZSA-2018-004, FEDORA-2018-96d770ddc9, FEDORA-2018-ba0b683c10, FEDORA-2018-c8ddc44bbb, FEDORA-2018-eba0006df2, VIGILANCE-VUL-26250
Symfony: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Symfony, in order to force the victim to perform operations...
CVE-2018-11406, DSA-4262-1, EZSA-2018-004, FEDORA-2018-96d770ddc9, FEDORA-2018-ba0b683c10, FEDORA-2018-c8ddc44bbb, FEDORA-2018-eba0006df2, VIGILANCE-VUL-26249
Symfony: denial of service via PDOSessionHandler
An attacker can generate a fatal error via PDOSessionHandler of Symfony, in order to trigger a denial of service...
CVE-2018-11386, DSA-4262-1, EZSA-2018-004, FEDORA-2018-ba0b683c10, FEDORA-2018-c8ddc44bbb, VIGILANCE-VUL-26248
Symfony: privilege escalation via Guard Session Fixation
An attacker can bypass restrictions via Guard Session Fixation of Symfony, in order to escalate his privileges...
CVE-2018-11385, DLA-1707-1, DSA-4262-1, EZSA-2018-004, FEDORA-2018-96d770ddc9, FEDORA-2018-ba0b683c10, FEDORA-2018-c8ddc44bbb, FEDORA-2018-eba0006df2, VIGILANCE-VUL-26230
Our database contains other pages. You can request a free trial to read them.

Display information about eZ Platform: