UBUNTU-CVE-2016-6295
ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impac...
CVE-2016-6295
ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impac...
WordPress Collne Welcart e-Commerce Plugin Arbitrary PHP Code Execution Vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed in PHP, that supports personal blog sites on servers with PHP and MySQL. Collne Welcart e-Commerce is one of its e-commerce plug-ins. A security vulnerability exists in the WordPress Collne Welcar...
CVE-2016-4825
The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data...
CVE-2016-4825
The CVE-2016-4825 issue affects the WordPress plugin Welcart e‑Commerce (Collne Welcart) prior to version 1.8.3. Affected component: PHP unserialization in the plugin’s handling of serialized data, enabling PHP object injection and arbitrary code execution by a remote attacker. The vulnerability ...
CVE-2016-5771
spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted...
UBUNTU-CVE-2016-5771
spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted...
CVE-2016-4326
The Chef Manage (formerly opscode-manage) add-on before 1.12.0 for Chef allows remote attackers to execute arbitrary code via crafted serialized data in a cookie...
Code injection
The Chef Manage (formerly opscode-manage) add-on before 1.12.0 for Chef allows remote attackers to execute arbitrary code via crafted serialized data in a cookie...
CVE-2016-4326
The CVE-2016-4326 vulnerability affects the Chef Manage (formerly opscode-manage) add-on for Chef, where versions up to and including 1.11.4 deserialize cookie data insecurely. The underlying issue is deserialization of untrusted cookie data, which can be exploited by an unauthenticated remote at...
A vulnerability in the PHP interpreter that allows attackers to cause a denial of service or execute arbitrary code
A vulnerability in the make_http_soap_request function in ext/soap/php_http.c in the PHP interpreter is related to pointer arithmetic errors. Exploiting this vulnerability could allow a malicious actor to cause a denial of service (pointer arithmetic errors, application termination) or execute arbitrary co...
A vulnerability in the PHP interpreter that allows an attacker to cause a denial of service
A vulnerability in a function in Zend/zend_exceptions.c in the PHP interpreter exists due to the lack of checks on certain Exception objects. Exploiting this vulnerability can allow a remote attacker to cause a denial of service, such as a null pointer dereference or...
Google Chrome SkRegion::readFromMemory function denial of service vulnerability
Google Chrome is a web browser developed by Google. In versions of Google Chrome prior to 51.0.2704.79, the SkRegion::readFromMemory function in core/SkRegion.cpp in Skia does not validate the interval count, which can be exploited by remote attackers to cause a denial of service via crafted...
Out-of-bounds
The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data...
CVE-2016-1702
Removed by vendor...
chromium-browser: out-of-bounds read in skia
The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data...
PHP Denial of Service Vulnerability (CNVD-2016-03648)
PHP (PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A security vulnerability exists in PHP's Zend/zend_exceptions.c file. A remote attacker could exploit this...