23 matches found
EUVD-2012-1707
Malware in sbrugna...
SUSE CVE-2012-1697
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition...
WordPress GetResponse plugin <= 5.5.20 - Cross-Site Request Forgery (CSRF) vulnerability leading to API Key Update
Cross-Site Request Forgery (CSRF) vulnerability leading to API Key Update discovered by Rasi Afeef (Patchstack Alliance) in WordPress GetResponse plugin (versions <= 5.5.20). Solution: Update the WordPress GetResponse for WordPress plugin to the latest available version (at least 5.5.21)...
Use-After-Free
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
Laravel framework information disclosure vulnerability
Laravel framework is a PHP-based web application development framework developed by software developer Taylor Otwell. A security vulnerability exists in Laravel framework 5.5.21 and earlier versions. The vulnerability can be exploited by remote attackers to obtain sensitive information e.g.,...
Internet Bug Bounty: Use after free with assign by ref to overloaded objects
Reported: 2015-07-15 16:30 UTC Fixed: 2015-07-21 14:20 UTC Bug Report: https://bugs.php.net/bug.php?id=70083 Fixed in PHP 5.6: http://git.php.net/?p=php-src.git;a=commitdiff;h=f57cb13c566613eec0e1c2f6d96d18565436a9b7 Fixed in 7:...
Moderate: Red Hat Security Advisory: php55 security and bug fix update
Updated php55 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...
Design/Logic Flaw
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memor...
CVE-2014-9653
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memor...
Updated php packages fix security vulnerabilities
Updated php and libgd packages fix security vulnerabilities: Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP before 5.5.21 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vecto...
PT-2014-2040 · Php +2 · Php +2
Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.5.21; PHP versions 5.6.x through 5.6.4. Description: The issue is related to a double free vulnerability in the zend_ts_hash_graceful_destroy function, which can be exploited by remote attackers to cause a denial of...
PT-2014-1947 · Php +5 · Php +5
Name of the Vulnerable Software and Affected Versions: Fileinfo component in PHP versions prior to 5.4.37; Fileinfo component in PHP 5.5.x versions prior to 5.5.21; Fileinfo component in PHP 5.6.x versions prior to 5.6.5. Description: The issue arises from the mconvert function in softmagic.c not...
PT-2012-2926 · Oracle · Mysql Server +1
Name of the Vulnerable Software and Affected Versions: MySQL versions 5.5.20 through 5.5.21; MySQL versions 5.1.x through 5.1.61. Description: A buffer overflow issue in yaSSL, used by MySQL, allows remote attackers to execute arbitrary code. The issue is related to unspecified vectors. There is no...
mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Apr 2012)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703...
concrete5 index.php/tools/required/files/add_to searchInstance Parameter XSS
concrete5 index.php/tools/required/files/add_to searchInstance Parameter XSS. Webapps exploit for php platform. Source: http://www.securityfocus.com/bid/53640/info Concrete CMS is prone to the following vulnerabilities because it fails to properly handle user-supplied input. 1. Multiple cross-site...
Design/Logic Flaw
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition...
seditio165_CSRF_and_world_readble_db_dumpissuses
Vulnerable Software: Seditio v165 Downloaded from: http://seditio-eklenti.com/datas/users/1-seditio.165.rar This version is under development of Kaan $ md5sum 1-seditio.165.rar 2eebc8d80f7fcd4e9a0d0659ef193488 1-seditio.165.rar...
PT-2012-3445 · Mysql Server +3 · Mysql Server +3
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.1.61 and earlier; MySQL Server versions 5.5.21 and earlier. Description: The issue affects the availability of the system, related to Server DML, and can be exploited by remote authenticated users. Recommendations: For...
Seditio Build 161 Cross Site Scripting / Information Disclosure
Vulnerable Software: seditio-build161 Downloaded from: http://neocrome.net/page.php?id=2447&a=dl md5sum sed.rar aad96010a15f0c38e5cc321f8a91dd1b seditio-build161.rar...