24 matches found
Ericsson Packet Core Gateway 安全漏洞
Ericsson Packet Core Gateway is a data packet gateway platform for mobile communication core networks developed by the Swedish company Ericsson. Versions of Ericsson Packet Core Gateway prior to version 1.30 contained security vulnerabilities. These vulnerabilities stemmed from improper handling ...
php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>
A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...
php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>
A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...
php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>
A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...
RLSA-2026:22142 Important: php:8.3 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...
php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>
A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...
BIT-PHP-MIN-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...
BIT-PHP-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...
CVE-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...
CVE-2026-7262
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...
CVE-2026-7262
CVE-2026-7262 affects PHP 8.2.x before 8.2.31, 8.3.x before 8.3.31, 8.4.x before 8.4.21, and 8.5.x before 8.5.6. When a SOAP server uses a typemap, the decoding process checks the wrong variable for missing value elements, which can dereference a NULL pointer and crash the PHP SOAP server, causin...
CVE-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...
CVE-2026-1461
CVE-2026-1461 affects the Simple Membership WordPress plugin (all versions up to 4.7.0) via the Stripe webhook handler. The issue is improper handling of missing values caused by validating webhook signatures only when stripe-webhook-signing-secret is configured (empty by default), enabling unaut...
WordPress plugin Simple Membership 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
net: mctp: Don't access ifa_index when missing
...
libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header
A flaw was found in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...
CVE-2025-3102
The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secretkey' value in the 'autheticateuser' function in all versions up to, and including, 1.0.78. Th...
CVE-2025-3102 SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation
The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secretkey' value in the 'autheticateuser' function in all versions up to, and including, 1.0.78. Th...
CVE-2024-10781
The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an missing empty value check on the 'apikey' value in the 'perform' function in all versions up to, and including, 6.44. This makes it possible for...
CVE-2024-10781
The CVE-2024-10781 entry affects the WordPress plugin CleanTalk Spam protection, Anti-Spam, FireWall (versions