22 matches found
SUSE CVE-2012-3180
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer...
SUSE CVE-2015-5590
Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as demonstrated by mishandling...
PHP < 5.5.27, 5.6.x < 5.6.11 Arbitrary Code Execution Vulnerability (Aug 2016) - Linux
PHP is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if descripti...
CVE-2015-4116
Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP before 5.5.27 and 5.6.x before 5.6.11 allows remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation...
Design/Logic Flaw
The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other...
CVE-2015-8838
ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152...
Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable
Product Name: Vanilla Forums Vulnerable Version: Up to vanilla-core-2-0-18-4 Tested on: Windows Server 2003 Apache 2.4.3 PHP 5.4.7 MySQL 5.5.27 Vulnerability Overview: SQL-Injection is possible, because $_POST arrays are not properly sanitized. You do not need to be authenticated. Vulnerability...
mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Oct 2012)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer...
PT-2012-4541 · Mysql Server +3
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.1.65 and earlier MySQL Server versions 5.5.27 and earlier Description: The issue affects the availability of the system, allowing remote authenticated users to exploit it via unknown vectors related to Server Optimizer...
PT-2012-4527 · Mysql Server +3
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.1.65 and earlier MySQL Server versions 5.5.27 and earlier Description: The issue affects confidentiality and is related to Server Installation. The estimated number of potentially affected devices worldwide is not...
WordPress 3.4.2 Cross Site Request Forgery
Exploit for php platform in category web applications. Vulnerable Software: WordPress Version 3.4.2 Downloaded from: http://wordpress.org/latest.zip MD5SUM: d670508d81e2fd060c2041441bc03300 wordpress-3.4.2.zip...
WordPress 3.4.2 Cross Site Request Forgery
Vulnerable Software: WordPress Version 3.4.2 Downloaded from: http://wordpress.org/latest.zip MD5SUM: d670508d81e2fd060c2041441bc03300 wordpress-3.4.2.zip Tested: php.ini...
Apache Tomcat User Enumeration
This module enumerates Apache Tomcat's usernames via malformed requests to j_security_check, which can be found in the web administration package. It should work against Tomcat servers 4.1.0 - 4.1.39, 5.5.0 - 5.5.27, and 6.0.0 - 6.0.18. Newer versions no longer have the "admin" package by default...
Mandrake Security Advisory MDVSA-2009:163 (tomcat5)
The remote host is missing an update to tomcat5 announced via advisory MDVSA-2009:163. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:136 (tomcat5)
The remote host is missing an update to tomcat5 announced via advisory MDVSA-2009:136. OpenVAS Vulnerability Test $Id: mdksa2009136.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:136 (tomcat5) Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft...
Directory traversal
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct...
CVE-2009-0781
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...
VirtualCenter Update 4 and ESX patch update Tomcat to version 5.5.27
a. Update for VirtualCenter and ESX patch update Apache Tomcat version to 5.5.27. Update for VirtualCenter and ESX patch update the Tomcat package to version 5.5.27 which addresses multiple security issues that existed in the previous version of Apache Tomcat. The Common Vulnerabilities and Exposur...
VMSA-2009-0002: VirtualCenter Update 4 and ESX patch update Tomcat to version 5.5.27
VMware Security Advisory Advisory ID: VMSA-2009-0002.2 Synopsis: VirtualCenter Update 4 and ESX patch update Tomcat to version 5.5.27...
Fedora 9 : tomcat5-5.5.27-0jpp.2.fc9 (2008-8113)
Mon Sep 15 2008 David Walluck 0:5.5.27-0jpp.2 - add commons-io symlink - Mon Sep 15 2008 David Walluck 0:5.5.27-0jpp.1 - 5.5.27 Resolves: rhbz456120 Resolves: rhbz457934 Resolves: rhbz446393 Resolves: rhbz457597 Note that Tenable Network Security has extracted the preceding description block...