Lucene search
K

106 matches found

Hacker One
Hacker One
added 2016/05/26 3:11 p.m.26 views

Internet Bug Bounty: Integer underflow / arbitrary null write in fread/gzread

https://bugs.php.net/bug.php?id=72114 Integer underflow in the fread/gzread length parameter allows to write an arbitrary null byte on 64 bit platforms. This was identified with the help of ASAN and a custom fuzzer. gdb run gzread2.php Starting program: /home/operac/php/php-56/sapi/cli/php...

7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2016/05/22 1:59 a.m.27 views

CVE-2015-8878

main/phpopentemporaryfile.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service race condition and heap memory corruption by leveraging an application that performs many temporary-file accesses...

7.1CVSS6.6AI score0.01247EPSS
Exploits0References2
Prion
Prion
added 2016/05/20 11:0 a.m.17 views

Code injection

The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the pharanalyzepath function in ext/phar/phar.c...

7.5CVSS8AI score0.05932EPSS
Exploits0References17Affected Software2
CVE
CVE
added 2016/05/16 10:0 a.m.317 views

CVE-2015-6835

CVE-2015-6835 affects PHP session deserialization. The session deserializer mishandles multiple php_var_unserialize calls, allowing use-after-free via crafted session data and enabling remote code execution or DoS. Affected: PHP 5.4.45 and 5.5.x before 5.5.29, 5.6.x before 5.6.13. Mitigation: upg...

9.8CVSS8.5AI score0.36992EPSS
Exploits3References6Affected Software1
Hacker One
Hacker One
added 2016/04/29 3:38 a.m.33 views

Internet Bug Bounty: xml_parse_into_struct segmentation fault

https://bugs.php.net/bug.php?id=72099 Invalid memory access while parsing XML input using xmlparseintostruct, parser-level wasn't being checked and then used as an offset parser-ltagsparser-level-1. Reported to developers on 2016-04-25, fixed 2016-04-25 and released at 2016-04-28, affected PHP 5....

7AI score
Exploits0
Hacker One
Hacker One
added 2016/04/29 3:23 a.m.24 views

Internet Bug Bounty: Out-of-bounds reads in zif_grapheme_stripos with negative offset

https://bugs.php.net/bug.php?id=72061 graphemestripos from the intl extension had a security issue when handling negative offsets, this allowed to read from arbitrary memory locations. Reported to developers on 2016-04-24, fixed 2016-04-29 and released at 2016-04-28, affected PHP 5.5 , 5.6 and 7...

6.9AI score
Exploits0
Prion
Prion
added 2016/04/12 3:59 p.m.16 views

Code injection

Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation...

6.8CVSS8.3AI score0.0319EPSS
Exploits0References4Affected Software2
Debian CVE
Debian CVE
added 2016/04/12 3:0 p.m.60 views

CVE-2016-3171

Removed by vendor...

8.1CVSS8.1AI score0.0319EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/04/08 12:0 a.m.8 views

PHP 5.6.x < 5.6.19 Denial of Service

Binary data 9175.prm...

7.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/04/06 12:0 a.m.257 views

PHP 5.6.x < 5.6.20 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.20. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...

9.8CVSS8.7AI score0.19455EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2016/02/11 12:0 a.m.118 views

PHP 5.6.x < 5.6.18 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.18. It is, therefore, affected by multiple vulnerabilities : - The Perl-Compatible Regular Expressions PCRE library is affected by multiple vulnerabilities related to the handling of regular...

10CVSS8.8AI score0.10997EPSS
Exploits5References13
Tenable Nessus
Tenable Nessus
added 2016/01/29 12:0 a.m.9 views

PHP 5.6.x < 5.6.13 Use-After-Free Vulnerability

Binary data 9066.prm...

7.3AI score
Exploits0References3
Debian
Debian
added 2015/10/27 6:43 p.m.40 views

[SECURITY] [DSA 3380-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3380-1 [email protected] https://www.debian.org/security/ Florian Weimer October 27, 2015 https://www.debian.org/security/faq -...

6.8CVSS8.3AI score0.10288EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/09/10 12:0 a.m.338 views

PHP 5.6.x < 5.6.13 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.13. It is, therefore, affected by multiple vulnerabilities : - A directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/phpzip.c could allow a remote attacker to create...

9.8CVSS7.7AI score0.46801EPSS
Exploits8References7
exploitpack
exploitpack
added 2015/09/09 12:0 a.m.13 views

PHP 5.45.55.6 - SplDoublyLinkedList Unserialize() Use-After-Free

PHP 5.45.55.6 - SplDoublyLinkedList Unserialize Use-After-Free Yet Another Use After Free Vulnerability in unserialize with SplDoublyLinkedList Taoguang Chen - Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplDoublyLinkedList object...

0.2AI score
Exploits0
0day.today
0day.today
added 2015/09/09 12:0 a.m.18 views

PHP unserialize() Use-After-Free Vulnerabilities

Exploit for php platform in category dos / poc Use After Free Vulnerabilities in unserialize Taoguang Chen Write Date: 2015.7.31 Release Date: 2015.9.4 Multiple use-after-free vulnerabilities were discovered in unserialize with Serializable class that can be abused for leaking arbitrary memory...

7AI score
Exploits0
exploitpack
exploitpack
added 2015/09/09 12:0 a.m.23 views

PHP Session Deserializer - Use-After-Free

PHP Session Deserializer - Use-After-Free Use After Free Vulnerabilities in Session Deserializer Taoguang Chen Write Date: 2015.8.9 Release Date: 2015.9.4 Multiple use-after-free vulnerabilities were discovered in session deserializer php/phpbinary/phpserialize that can be abused for leaking...

0.3AI score
Exploits0
0day.today
0day.today
added 2015/09/09 12:0 a.m.16 views

PHP SplObjectStorage unserialize() Use-After-Free Vulnerabilities

Exploit for php platform in category dos / poc Yet Another Use After Free Vulnerability in unserialize with SplObjectStorage Taoguang Chen Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplObjectStorage object's deserialization and...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2015/09/09 12:0 a.m.29 views

PHP 5.4/5.5/5.6 - &#039;Unserialize()&#039; Use-After-Free

Use After Free Vulnerabilities in unserialize Taoguang Chen Write Date: 2015.7.31 Release Date: 2015.9.4 Multiple use-after-free vulnerabilities were discovered in unserialize with Serializable class that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely. Affect...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/09/09 12:0 a.m.18 views

PHP GMP - &#039;unserialize()&#039; Use-After-Free

Use After Free Vulnerability in unserialize with GMP Taoguang Chen Write Date: 2015.8.17 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with GMP object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely...

7.4AI score
Exploits0
Rows per page
Query Builder