698 matches found
[SECURITY] Fedora 24 Update: php-5.6.27-1.fc24
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
DSA-3689-1 php5 - security update
Bulletin has no description...
Kajona Directory Traversal Vulnerability
Kajona is an open source CMS written in PHP. A directory traversal vulnerability exists in Kajona version 4.7. An attacker can exploit this vulnerability to obtain information about files present on the system...
PHP wddx module release re-reference vulnerability
PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A heap block release dereference vulnerability exists in the phpwddxpushelement function of the PHP wddx module, which could allow a remote attacker to execute arbitrary co...
UBUNTU-CVE-2016-7416
ext/intl/msgformat/msgformatformat.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via ...
PHP gdImageWebpCtx Function Heap Overflow Vulnerability
PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A heap overflow vulnerability exists in the PHP gdImageWebpCtx function, which allows remote attackers to exploit the vulnerability to execute arbitrary code...
[SECURITY] Fedora 25 Update: php-7.0.10-1.fc25
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
PHP 'ext/standard/string.c' Information Disclosure Vulnerability
PHP is an open source general-purpose computer scripting language. An information disclosure vulnerability exists in PHP 'ext/standard/string.c', which allows attackers to exploit the vulnerability to obtain sensitive information or launch further attacks...
PHP 'mbc_to_code()' Function Stack Buffer Overflow Vulnerability
PHP is an open source general-purpose computer scripting language. A stack buffer overflow vulnerability exists in the PHP 'mbctocode' Function, which allows an attacker to exploit the vulnerability to execute arbitrary code in the context of an affected application, or a failed attack will resul...
PHP 'ext/curl/interface.c' Denial of Service Vulnerability
PHP is an open source general-purpose computer scripting language. PHP 'ext/curl/interface.c' denial of service vulnerability can be exploited by an attacker to cause a denial of service...
PHP: sets environmental variable based on user supplied Proxy request header
It was discovered that PHP did not properly protect against the HTTPPROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request...
World Of Warcraft recruitment: a command line can hijack your game with the hijacking code and video-bug warning-the black bar safety net
! Recently there has been a relates to the social worker, the technology, the new game attack of the Scam, the attacker uses the world of Warcraft World of Warcraft, WoW game plug-in a hidden function. New attacks Imagine this Scene: the game one looks like a well-known Guild members of a role,...
UBUNTU-CVE-2016-6297
Integer overflow in the phpstreamzipopener function in ext/zip/zipstream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a crafted zip:// URL...
DSA-3618-1 php5 - security update
Bulletin has no description...
The vulnerability of the PHP interpreter allows a remote attacker to gain access to memory areas beyond the application’s boundaries, or cause the application to terminate abnormally.
The vulnerability of the PHP interpreter in the mconvert function located in the Fileinfo component’s script, softmagic.c causes an error in the pointer to the field that stores the length of the string under certain copy scenarios. As a result, a malicious actor can gain access to memory areas...
DSA-3602-1 php5 - security update
Bulletin has no description...
The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.
The vulnerability of the exifprocessTIFFinJPEG function ext/exif/exif.c in the PHP interpreter is caused by buffer overflow. Exploiting this vulnerability could allow a malicious actor to cause service failures or potentially other effects such as out-of-memory reading through specially crafted...
How to analyze the Adobe Flash Player vulnerability sample-vulnerability warning-the black bar safety net
Has recently been in the analysis of the Adobe Flash vulnerability, in the analysis and debugging of the Adobe Flash vulnerabilities encountered a series of problems, so this article mainly introduces how to analyze a Flash vulnerability, as well as in the analysis of the process requires the use...
The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.
The vulnerability of the bcpowmod function ext/bcmath/bcmath.c in the PHP interpreter exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures or potentially have other adverse effects through specially crafted call...
The vulnerability of the PHP interpreter allows attackers to trigger a service failure or execute arbitrary code.
The vulnerability of the deserialization function in PHP interpreters relates to the incorrect invocation of multiple phpvarunserialize. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a denial-of-service attack i.e., the use of resources after they are...