EUVD-2016-8266

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-3141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service...

SUSE CVE-2016-9935

The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service out-of-bounds read and memory corruption or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document...

The vulnerability of the php_wddx_push_element function in the PHP interpreter allows a hacker to trigger a service failure or exert other effects.

The vulnerability of the phpwddxpushelement function in the PHP interpreter arises from reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures or other effects such as reading beyond the memory limit, causing memory...

php: Double Free Corruption in wddx_deserialize

Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted XML data that is...

CVE-2016-5772

Removed by vendor...

PHP WDDX Serializier Data Injection Vulnerability-vulnerability warning-the black bar safety net

PHP WDDX Serializier Data Injection Vulnerability Taoguang Chen - 2014.11.2 PHP in the array is serialized into a WDDX structure of the process, there is no array key name strictly limited, can lead to falsification of the object WDDX structure. i serialize the object PHP in the object is...