17 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004637)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004637 advisory. In the Linux kernel 5.5.0 and newer, the bpf verifier kernel/bpf/verifier.c did not properly restrict the register bounds for 32-bit operations, leading to...
Linux Distros Unpatched Vulnerability : CVE-2020-8835
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel 5.5.0 and newer, the bpf verifier kernel/bpf/verifier.c did not properly restrict the register bounds for 32-bit operations, leading to...
SUSE CVE-2020-8835
In the Linux kernel 5.5.0 and newer, the bpf verifier kernel/bpf/verifier.c did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the...
WordPress plugin 安全漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A security vulnerability exists in the Store Locator Plus...
CVE-2020-8835
In the Linux kernel 5.5.0 and newer, the bpf verifier kernel/bpf/verifier.c did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the...
PHP 5.3.x < 5.3.29, 5.4.x < 5.4.30, 5.5.x < 5.5.14, 5.6.0alpha1 < 5.6.0 Heap Based Buffer Overflow Vulnerability - Linux
PHP is prone to a heap-based buffer overflow vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if...
PHP DateTime Use After Free Vulnerability
Exploit for php platform in category dos / poc Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod...
PHP 5.5.x < 5.5.15 Multiple Use After Free Vulnerabilities (Jul 2014)
PHP is prone to multiple use after free vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...
Design/Logic Flaw
The cdfcheckstreamoffset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service application crash via a crafted stream offset in a CDF...
Design/Logic Flaw
The cdfreadshortsector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted CDF file...
CVE-2014-0207
The cdfreadshortsector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted CDF file...
Updated php packages fix multiple vulnerabilities
Updated php packages fix security vulnerabilities: The unserialize function in PHP before 5.4.30 and 5.5.14 has a Type Confusion issue related to the SPL ArrayObject and SPLObjectStorage Types CVE-2014-3515. It was discovered that PHP is vulnerable to a heap-based buffer overflow in the DNS TXT...
Fedora 19 : php-5.5.14-1.fc19 (2014-7782)
26 Jun 2014, PHP 5.5.14 Core : - Fixed BC break introduced by patch for bug 67072. Anatol, Stas - Fixed bug 66622 Closures do not correctly capture the late bound class static:: in some cases. Levi Morrison - Fixed bug 67390 insecure temporary file use in the configure script. CVE-2014-3981 Remi ...
PT-2014-2043 · Php +5 · Mod Php +7
Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.4.30 PHP versions 5.5.x prior to 5.5.14 Description: The issue is related to a "type confusion" vulnerability in the phpinfo implementation, which might allow context-dependent attackers to obtain sensitive information...
UBUNTU-CVE-2014-4698
Use-after-free vulnerability in ext/spl/splarray.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments...
Fedora 20 : php-5.5.14-1.fc20 (2014-7765)
26 Jun 2014, PHP 5.5.14 Core : - Fixed BC break introduced by patch for bug 67072. Anatol, Stas - Fixed bug 66622 Closures do not correctly capture the late bound class static:: in some cases. Levi Morrison - Fixed bug 67390 insecure temporary file use in the configure script. CVE-2014-3981 Remi ...
PT-2014-1421 · Php +5 · Php +5
Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.4.30 PHP versions 5.5.x prior to 5.5.14 Description: The issue arises from incorrect anticipation of data structure types after unserialization in the SPL component, leading to potential remote code execution through...