Lucene search
K

65 matches found

CNNVD
CNNVD
added 2026/05/10 12:0 a.m.10 views

PHP 资源管理错误漏洞

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 contained a resource management vulnerability. This vulnerability occurred when the SoapServer was configured as SOAPPERSISTENTSESSION. In such cases, the processing...

9.8CVSS5.8AI score0.00302EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.14 views

PT-2026-39448

Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.30 PHP versions 8.3.0 through 8.3.30 PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description When SoapServer is configured with SOAP PERSISTENCE SESSION, the handler object is persisted...

9.8CVSS5.7AI score0.0078EPSS
Exploits0References87
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-4426

Malware in sbrugna...

7.5CVSS6.4AI score0.01309EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-8874

Malicious code in bioql PyPI...

7.5CVSS7.3AI score0.03179EPSS
Exploits0References14
RedhatCVE
RedhatCVE
added 2025/05/22 4:48 a.m.10 views

CVE-2011-4500

The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer the firewall via SOAP requests...

7.5CVSS7.2AI score0.01309EPSS
Exploits0References1
NVD
NVD
added 2024/05/03 2:15 a.m.21 views

CVE-2023-27368

NETGEAR RAX30 soapserverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific...

8.8CVSS9.2AI score0.00782EPSS
Exploits0References2
OSV
OSV
added 2024/01/31 11:22 a.m.12 views

CLSA-2024-1706700142 php: Fix of 8 CVEs

CVE-2021-21702: Fix null pointer crash because of malformed SOAP server response - CVE-2021-21703: Fix error in php fpm shared memory organization leading to privilage escalation - CVE-2022-31625: Fix freeing of uninitialized memory leading to RCE - CVE-2022-31626: Fix buffer overflow in mysqlnd...

9.8CVSS7.2AI score0.5838EPSS
Exploits9References1
OSV
OSV
added 2024/01/12 11:15 p.m.6 views

CVE-2023-48166

A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice V10 before V10R3.26.1 allows a remote attacker to view the contents of arbitrary files in the local file system. An unauthenticated attacker might obtain sensitive files that allow for the compromise o...

7.5CVSS5.9AI score0.01002EPSS
Exploits0References2
Prion
Prion
added 2024/01/12 11:15 p.m.22 views

Directory traversal

A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice V10 before V10R3.26.1 allows a remote attacker to view the contents of arbitrary files in the local file system. An unauthenticated attacker might obtain sensitive files that allow for the compromise o...

5CVSS7.1AI score0.01002EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/01/12 12:0 a.m.23 views

CVE-2023-48166

A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice V10 before V10R3.26.1 allows a remote attacker to view the contents of arbitrary files in the local file system. An unauthenticated attacker might obtain sensitive files that allow for the compromise o...

7.7AI score0.01002EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.3 views

Atos Unify OpenScape Security Vulnerability

Atos Unify OpenScape is a native SIP-based real-time Voice over IP system from Atos Unify. A security vulnerability exists in Atos Unify OpenScape Voice V10 versions prior to V10R3.26.1, which stems from a directory traversal vulnerability in the SOAP server that allows an attacker to view the...

7.5CVSS6.5AI score0.01002EPSS
Exploits0References3
CVE
CVE
added 2024/01/12 12:0 a.m.82 views

CVE-2023-48166

CVE-2023-48166 affects Atos Unify OpenScape Voice V10 before V10R3.26.1, where a directory traversal in the SOAP Server can let an unauthenticated remote attacker view arbitrary files in the local file system. This could enable sensitive data exposure and potential system compromise as described ...

7.5CVSS7.4AI score0.01002EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/10 12:0 a.m.9 views

PT-2024-13551 · Atos · Atos Unify Openscape Voice

Name of the Vulnerable Software and Affected Versions: Atos Unify OpenScape Voice versions prior to V10R3.26.1 Description: A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice allows a remote attacker to view the contents of arbitrary files in the local...

7.5CVSS7.6AI score0.01002EPSS
Exploits0References7
Citrix
Citrix
added 2022/01/14 12:0 a.m.21 views

Citrix PVS soap server service does not start and crashes after installing Microsoft January 2022 Updates (E.g. KB5008877 or KB5009546)

Since installing Microsoft January 2022 Updates like KB5009546 or KB5008877 the Citrix PVS soap server service doesn't start anymore. When trying to start this service it crashes right away. While this happens the Citrix PVS API service also stops working. Soapserver.exe crashes Event 1000 .net...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/07/13 12:0 a.m.50 views

Ubuntu 16.04 ESM : PHP vulnerabilities (USN-5006-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5006-2 advisory. USN-5006-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...

7.5CVSS6.6AI score0.03179EPSS
Exploits4References6
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.48 views

Security Bulletin: Multiple vulnerabilities have been identified in IBM Tivoli Monitoring shipped with IBM Cloud Orchestrator Enterprise

Summary IBM Tivoli Monitoring is shipped as a component of IBM Cloud Orchestrator Enterprise. Information about security vulnerabilities affecting IBM Tivoli Monitoring has been published in the security bulletins below. Vulnerability Details Consult the following security bulletins for IBM Tivol...

8.3CVSS1.5AI score0.95707EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:38 p.m.17 views

Security Bulletin: IBM Tivoli Monitoring Soap Server (CVE-2016-6083)

Summary The default configuration for IBM Tivoli Monitoring soap interface allows unathenticated users access to soap requests. Vulnerability Details CVEID: CVE-2016-6083 DESCRIPTION: IBM Tivoli Monitoring could disclose could allow an unauthenticated user to access SOAP queries that could contai...

5.3CVSS0.2AI score0.01302EPSS
Exploits0Affected Software1
Citrix
Citrix
added 2017/07/03 12:0 a.m.9 views

"XenDesktop Site is not reachable, check that the Citrix PVS Soap Server service user has XenDesktop permissions and network connectivity" While Promoting vDisk Version

The following error appears while trying to promote an updated version of a vDisk: "XenDesktop Site f0a65a14-f50b-403a-ba3b-77700c7829b7 is not reachable, check that the Citrix PVS Soap Server service user has XenDesktop permissions and network connectivity." The PVS Soap Server service runs as...

7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/06 12:0 a.m.37 views

Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Adobe...

0.5AI score
Exploits0
Rows per page
Query Builder