PHP 代码问题漏洞

PHP is an open-source scripting language executed on the server side. There were code vulnerabilities in versions prior to PHP 8.2.31, 8.3.31, 8.4.21, and 8.5.6. These vulnerabilities stemmed from a flaw where, when the SOAP server was configured with type mapping, incorrect variables were checke...

Improper Handling of Missing Values

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improper Handling of Missing Values password reset flow in account.service.ts. An attacker can reset another user’s password by supplying a crafted reset request with an invalid or missing temporary token a...

WordPress Simple Membership plugin <= 4.7.0 - Unauthenticated Improper Handling of Missing Values vulnerability

Unauthenticated Improper Handling of Missing Values vulnerability discovered by 0N0ise - cert.pl in WordPress Plugin Simple Membership versions = 4.7.0...

CVE-2026-1461

The Simple Membership plugin for WordPress is vulnerable to Improper Handling of Missing Values in all versions up to, and including, 4.7.0 via the Stripe webhook handler. This is due to the plugin only validating webhook signatures when the stripe-webhook-signing-secret setting is configured,...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via incomplete validation of attestation documents in the attestation verification process. An attacker can cause clients to trust enclaves that do not meet expected integrity guarantees ...

Linux Distros Unpatched Vulnerability : CVE-2019-9211

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a reachable assertion abort in the function writelongstringmissingvalues in data/sys-file- writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to...

Improper Handling of Missing Values in Wireshark

...

CVE-2023-1697

An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and thereby a Denial of Service DoS. Continued receipt of these specific frames will cause a sustained...

SUSE CVE-2019-9211

There is a reachable assertion abort in the function writelongstringmissingvalues in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service...

CVE-2022-22562

Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability...

Input validation

Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability...

CVE-2022-22562

Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability...

GHSA-FMM9-3GV8-58F4 Improper Handling of Missing Values in kaml

Impact Attackers that could provide arbitrary YAML input to an application that uses kaml could cause the application to endlessly loop while parsing the input. This could result in resource starvation and denial of service. This only affects applications that use polymorphic serialization with t...

Improper Handling of Missing Values in kaml

Impact Attackers that could provide arbitrary YAML input to an application that uses kaml could cause the application to endlessly loop while parsing the input. This could result in resource starvation and denial of service. This only affects applications that use polymorphic serialization with t...

GNU PSPP Denial of Service Vulnerability

GNU PSPP is the program used for statistical analysis of sampling data. A security vulnerability exists in the writelongstringmissingvalues function in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0. An attacker could exploit this vulnerability to cause a denial of service...

DEBIAN-CVE-2019-9211

There is a reachable assertion abort in the function writelongstringmissingvalues in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service...

Microsoft Edge Chakra JIT - Type Confusion

/ The switch statement only handles Js::TypeIdsArray but not Js::TypeIdsNativeIntArray and Js::TypeIdsNativeFloatArray. So for example, a native float array can be considered as of type ObjectType::Object under certain circumstances where "objValueType.IsLikelyArrayOrObjectWithArray" is not...