Oracle Hospitality OPERA 5 Property Services 安全漏洞

Oracle Hospitality OPERA 5 Property Services is a Windows-based application component developed by Oracle Corporation, used for processing payment card transactions. Vulnerabilities exist in versions 5.6.19.24, 5.6.22, 5.6.25.19, 5.6.27.6, and 5.6.28 of Oracle Hospitality OPERA 5 Property Service...

Linux Distros Unpatched Vulnerability : CVE-2016-0665

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security:...

SUSE CVE-2016-10397

In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:[email protected]/ and evil.example.com:[email protected]/ inputs to the parseurl...

CVE-2016-10397

In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:[email protected]/ and evil.example.com:[email protected]/ inputs to the parseurl...

CVE-2016-10397

In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:[email protected]/ and evil.example.com:[email protected]/ inputs to the parseurl...

PT-2017-1613 · Zend Technologies +4 · Zend Opcache +6

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.6.28 PHP versions prior to 7.0.13 Description: The issue exists due to inadequate access control when inheriting certain classes related to operational code in PHP configurations using apache2handler/mod php or php-fpm...

CVE-2016-9933

Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library aka libgd before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service segmentation violation via a crafted imagefilltoborder call that...

Debian DSA-3732-1 : php5 - security update

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.28, which includes additional bug fixes. Please refer to the upstream changelog for mor...

Internet Bug Bounty: imagefilltoborder stackoverflow on truecolor images

Upstream Bug --- https://bugs.php.net/bug.php?id=72696 Summary -- Invalid color causes stack exhaustion by recursive call to function gdImageFillToBorder when the image used is truecolor. This was tested on a 64 bits platform. GDB debugging -- gdb -q --args /home/operac/php-70-sinasan/sapi/cli/ph...

mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU April 2016)

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB...

Oracle MySQL Server: InnoDB Subcomponent Denial of Service Vulnerability

Oracle MySQL is an open source relational database management system from Oracle. This database system is characterized by high performance, low cost and good reliability. A denial of service vulnerability exists in the Server: InnoDB subcomponent of Oracle MySQL versions 5.6.28 and earlier and...

CVE-2016-0665

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption...

UBUNTU-CVE-2016-0665

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption...

openSUSE Security Update : MySQL (openSUSE-2016-169)

This update to MySQL 5.6.28 fixes the following issues bsc962779 : - CVE-2015-7744: Lack of verification against faults associated with the Chinese Remainder Theorem CRT process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote...