PT-2026-40293

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mb convert encoding or related mbstring functions, the code incorrectly assumes that when strncasecmp returns 0 it means the strings have the same length. This can lead to...

BIT-LIBPHP-2020-7060 global buffer-overflow in mbfl_filt_conv_big5_wchar

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbflfiltconvbig5wchar to read past the allocated buffer. This may lead to information disclosur...

GHSA-4V57-PWVF-X35J Zendframework potential Cross-site Scripting vector in `Zend_Service_ReCaptcha_MailHide`

ZendServiceReCaptchaMailHide had a potential XSS vulnerability. Due to the fact that the email address was never validated, and because its use of htmlentities did not include the encoding argument, it was potentially possible for a malicious user aware of the issue to inject a specially crafted...

Zendframework potential Cross-site Scripting vector in `Zend_Service_ReCaptcha_MailHide`

ZendServiceReCaptchaMailHide had a potential XSS vulnerability. Due to the fact that the email address was never validated, and because its use of htmlentities did not include the encoding argument, it was potentially possible for a malicious user aware of the issue to inject a specially crafted...

PT-2023-6693 · Bitrix +1 · Bitrix24 +1

Name of the Vulnerable Software and Affected Versions: Bitrix24 version 22.0.300 Description: A logic error in the mb strpos function allows attackers to bypass XSS sanitization by placing HTML tags at the beginning of the payload, potentially leading to a cross-site scripting XSS attack. This...

SUSE CVE-2019-9023

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in...

SUSE CVE-2019-9025

An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mbsplit function in ext/mbstring/phpmbregex.c can cause PHP to execute memcpy with a negative argument, which could read and write past buffers allocated for the data...

CVE-2019-9025

An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mbsplit function in ext/mbstring/phpmbregex.c can cause PHP to execute memcpy with a negative argument, which could read and write past buffers allocated for the data...

PHP 7.3.0 Memory Corruption Vulnerability - Linux

An invalid multibyte string supplied as an argument to the mbsplit function in ext/mbstring/phpmbregex.c can cause PHP to execute memcpy with a negative argument, which could read and write past buffers allocated for the data. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might...

PHP 7.3.0 Memory Corruption Vulnerability - Windows

An invalid multibyte string supplied as an argument to the mbsplit function in ext/mbstring/phpmbregex.c can cause PHP to execute memcpy with a negative argument, which could read and write past buffers allocated for the data. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might...

CVE-2019-9025

Removed by vendor...

php: Heap-based buffer overflow in the mbstring extension via crafted string containing a HTML entity (arb code execution)

Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilterhtmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion,...

Directory traversal

Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing...

CVE-2008-0923

Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing...

Fedora Core 4 : mysql-4.1.20-1.FC4.1 (2006-703)

Repairs multibyte string escaping vulnerability. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora Core 5 : mysql-5.0.22-1.FC5.1 (2006-702)

Repairs vulnerability in multibyte string escaping. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...