
6 matches found

Hacker One
added 2016/03/15 12:11 a.m., 21 views

Internet Bug Bounty: Use after free with assign by ref to overloaded objects

Reported: 2015-07-15 16:30 UTC
Fixed: 2015-07-21 14:20 UTC
Bug Report: https://bugs.php.net/bug.php?id=70083
Fixed in PHP 5.6: http://git.php.net/?p=php-src.git;a=commitdiff;h=f57cb13c566613eec0e1c2f6d96d18565436a9b7
Fixed in 7:...

AI score: 7
Exploits: 0

Amazon
added 2015/01/08 12:0 a.m., 71 views

Medium: php54

Issue Overview: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of...

CVSS: 10, AI score: 8.6, EPSS: 0.8832
Exploits: 8

OpenVAS
added 2015/01/07 12:0 a.m., 44 views

PHP Out of Bounds Read Vulnerability (Jan 2015)

PHP is prone to an out of bounds read vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

CVSS: 7.5, AI score: 7.4, EPSS: 0.02997
Exploits: 1, References: 2

OpenVAS
added 2015/01/07 12:0 a.m., 59 views

PHP 5.4.x < 5.4.36, 5.5.x < 5.5.20, 5.6.x < 5.6.4 Use After Free Vulnerability (Jan 2015)

PHP is prone to a use after free vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

CVSS: 7.5, AI score: 7.6, EPSS: 0.8832
Exploits: 8, References: 4

Tenable Nessus
added 2015/01/02 12:0 a.m., 340 views

PHP 5.4.x < 5.4.36 'process_nested_data' RCE

According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.36. It is, therefore, affected by a use-after-free error in the 'process_nested_data' function within 'ext/standard/var_unserializer.re' due to improper handling of duplicate keys within the serialized...

CVSS: 7.5, AI score: 7.6, EPSS: 0.8832
Exploits: 8, References: 4

OpenVAS
added 2014/12/31 12:0 a.m., 44 views

Debian Security Advisory DSA 3117-1 (php5 - security update)

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. As announced in DSA 3064-1 it has been decided to follow the stable 5.4.x releases for the Wheezy php5 packages. Consequently the vulnerabilities are addressed by upgradi...

CVSS: 7.5, AI score: 8.3, EPSS: 0.8832
Exploits: 8, References: 1