F5 Networks BIG-IP : PHP vulnerability (K75543432)

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zendinidoop function in Zend/zendiniparser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input...

Foxit Reader U3D Clod Progressive Mesh Continuation Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

CredSSP Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the Credential Security Support Provider protocol CredSSP. An attacker who successfully exploited this vulnerability could relay user credentials and use them to execute code on the target system. CredSSP is an authentication provider which processe...

Adobe Acrobat Pro DC ImageConversion XPS TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2017-11628

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zendinidoop function in Zend/zendiniparser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input...

CVE-2017-11628

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zendinidoop function in Zend/zendiniparser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input...

Cross site scripting

An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attachments are opened in a new tab instead of getting downloaded. This creates an attack vector of executing code in the domain of the application...

WordPress Magic Fields 1 plugin cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Wordpress Magic Fields 1 plugin, which allows an attacker to frame malicio...

Mageia: Security Advisory (MGASA-2015-0414)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox memory corruption vulnerability (CNVD-2015-05349)

Mozilla Firefox is a web browser developed by the Mozilla Foundation in conjunction with the open source community. A memory corruption vulnerability exists in Mozilla Firefox, which could be exploited by an attacker to cause a denial of service by executing arbitrary code in the user's context...

BSD (Multiple Distributions) - setusercontext() Multiple Vulnerabilities

BSD Multiple Distributions - setusercontext Multiple Vulnerabilities BSD setusercontext vulnerabilites discovered by Kingcope, July 2009 lewls XD Let's go.. BSD derived operating systems have a special function to set a "user context". The function setusercontext is available on for example FreeB...