540 matches found
UBUNTU-CVE-2017-17813
In Netwide Assembler NASM 2.14rc0, there is a use-after-free in the pplistonemacro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors...
UBUNTU-CVE-2017-17818
In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in pastetokens in asm/preproc.c...
UBUNTU-CVE-2017-17814
In Netwide Assembler NASM 2.14rc0, there is a use-after-free in dodirective in asm/preproc.c that will cause a remote denial of service attack...
UBUNTU-CVE-2017-17820
In Netwide Assembler NASM 2.14rc0, there is a use-after-free in pplistonemacro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors...
Trend Micro OfficeScan Information Disclosure Vulnerability
Trend Micro OfficeScan is a best-of-breed endpoint security solution for mid-sized and large organizations, with a future-proof, resilient architecture that allows you to customize your threat protection and data protection through plug-ins. An information disclosure vulnerability exists in Trend...
Arbitrary file download vulnerability in EasyAdmin /application/index/controller/index.php page
EasyAdmin is a free and open source community program based on the LayUI template, with a ThinkPHP5 framework for backend support. An arbitrary file download vulnerability exists in the EasyAdmin /application/index/controller/index.php page. An attacker can download system configuration files by...
DEBIAN-CVE-2017-14228
In Netwide Assembler NASM 2.14rc0, there is an illegal address access in the function pastetokens in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service...
Null pointer dereference
In Netwide Assembler NASM 2.14rc0, there is an illegal address access in the function pastetokens in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service...
UBUNTU-CVE-2017-14228
In Netwide Assembler NASM 2.14rc0, there is an illegal address access in the function pastetokens in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service...
Code Execution Vulnerability in ESPCMS
ESPCMS is an enterprise website management system built on LAMP development. A code execution vulnerability exists in ESPCMS. An attacker can exploit this vulnerability to execute arbitrary php statements...
CMS Made Simple Upload Vulnerability (CNVD-2017-24997)
CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A security vulnerability exists in CMSMS version...
PHP Information Disclosure Vulnerability (CNVD-2017-22594)
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A security vulnerability exists in PHP versions prior to 5.6.31, 7.x prior to 7.0.21, and 7.1.x prior to 7.1.7, which stems from a lack of bound...
DEBIAN-CVE-2017-11111
In Netwide Assembler NASM 2.14rc0, preproc.c allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...
DEBIAN-CVE-2016-3124
The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...
PHP 'process_nested_data()' Remote Code Execution Vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...
PHP 'ext/pcre/php_pcre.c' Information Disclosure Vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. PHP...
php: Use After Free Vulnerability in PHP's GC algorithm and unserialize
splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...
PHP 'zend_symtable_clean()' function out-of-bounds read denial of service vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. PHP...
PHP 'gdImageAALine()' Integer Overflow Vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. An...
PHP Denial of Service Vulnerability (CNVD-2016-07712)
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...