Lucene search
K

36 matches found

OSV
OSV
added 2015/03/30 12:0 a.m.7 views

UBUNTU-CVE-2015-2787

Use-after-free vulnerability in the processnesteddata function in ext/standard/varunserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an...

7.5CVSS7.1AI score0.12303EPSS
Exploits5References5
OSV
OSV
added 2014/12/20 12:0 a.m.13 views

UBUNTU-CVE-2014-8142

Use-after-free vulnerability in the processnesteddata function in ext/standard/varunserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys...

7.5CVSS7.1AI score0.53166EPSS
Exploits8References3
OSV
OSV
added 2014/10/29 12:0 a.m.6 views

UBUNTU-CVE-2014-3669

Integer overflow in the objectcustom function in ext/standard/varunserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an argument to the unserialize function...

7.5CVSS7.7AI score0.28862EPSS
Exploits1References4
F5 Networks
F5 Networks
added 2010/11/03 12:0 a.m.58 views

SOL12253 - PHP vulnerability CVE-2010-2225

PHP vulnerability CVE-2010-2225 describes a use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2. The vulnerability allows remote attackers to execute arbitrary code or obtain sensitive information by way of serialized data, related to the PHP...

7.5CVSS9.7AI score0.05342EPSS
Exploits1
NVD
NVD
added 2010/06/24 12:30 p.m.23 views

CVE-2010-2225

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function...

7.5CVSS9.8AI score0.05342EPSS
Exploits1References13
Prion
Prion
added 2010/06/24 12:30 p.m.24 views

Design/Logic Flaw

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function...

7.5CVSS7.8AI score0.05342EPSS
Exploits1References13Affected Software1
UbuntuCve
UbuntuCve
added 2010/06/24 12:0 a.m.35 views

CVE-2010-2225

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function...

7.5CVSS7.3AI score0.05342EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2010/06/21 12:0 a.m.33 views

PHP 'SplObjectStorage' Unserializer Arbitrary Code Execution Vulnerability

PHP is prone to a vulnerability that an attacker could exploit to execute arbitrary code with the privileges of the user running the affected application. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

7.5CVSS9.7AI score0.05342EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2007/04/20 11:36 a.m.5 views

security flaw

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...

6.8CVSS6.2AI score0.07625EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/04/16 3:38 p.m.6 views

security flaw

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...

6.8CVSS6.2AI score0.07625EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/04/16 3:27 p.m.5 views

security flaw

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...

6.8CVSS6.2AI score0.07625EPSS
Exploits1References4
Prion
Prion
added 2007/03/27 1:19 a.m.24 views

Double free

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...

6.8CVSS7.4AI score0.09233EPSS
Exploits1References26Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/07/03 12:0 a.m.50 views

CentOS 3 : PHP (CESA-2005:405)

Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was found in the way PHP...

7.5CVSS6.1AI score0.10394EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2005/04/29 12:0 a.m.53 views

RHEL 3 : PHP (RHSA-2005:405)

Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was found in the way PHP...

7.5CVSS6.1AI score0.10394EPSS
Exploits2References11
RedHat Linux
RedHat Linux
added 2005/04/28 6:53 p.m.36 views

Moderate: Red Hat Security Advisory: PHP security update

Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was found in the way PHP...

7.5CVSS6.2AI score0.10394EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2004/12/23 12:0 a.m.122 views

Fedora Core 2 : php-4.3.10-2.4 (2004-567)

This update includes the latest release of PHP 4.3, including fixes for security issues in the unserializer CVE-2004-1019, exif image parsing CVE-2004-1065, and form upload parsing CVE-2004-0958 and CVE-2004-0959. Note that Tenable Network Security has extracted the preceding description block...

10CVSS7.3AI score0.10042EPSS
Exploits0References1
Rows per page
Query Builder