49 matches found
CVE-2016-1000006
hhvm before 3.12.11 has a use-after-free in the serializememoizeparam and ResourceBundle::construct functions...
PHP 5.6.x < 5.6.27 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.27. It is, therefore, affected by multiple vulnerabilities : - A NULL pointer dereference flaw exists in the SimpleXMLElement::asXML function within file ext/simplexml/simplexml.c. An unauthenticate...
Directory traversal
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read methods of these classes use a path and a locale to determine the...
Tenable SecurityCenter PHP < 5.6.27 Multiple Vulnerabilities
The Tenable SecurityCenter application installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities in the bundled version of PHP : - A use-after-free error exists in the unserialize function that allows an unauthenticated, remote attacker to...
PHP 7.0.x < 7.0.12 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.12. It is, therefore, affected by multiple vulnerabilities : - A NULL pointer dereference flaw exists in the SimpleXMLElement::asXML function within file ext/simplexml/simplexml.c. An unauthenticate...
PHP 5.6.x < 5.6.27 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.27. It is, therefore, affected by multiple vulnerabilities : - A NULL pointer dereference flaw exists in the SimpleXMLElement::asXML function within file ext/simplexml/simplexml.c. An unauthenticate...
Internet Bug Bounty: stack-buffer-overflow through "ResourceBundle" methods
Upstream Bug --- https://bugs.php.net/bug.php?id=73218 Summary -- ResourceBundle::create and ResourceBundle::getLocales methods and their respective functions are vulnerables to stack buffer overflow when bundlename parameter length is equal or close to 0x7fffffff, due to a type confusion in...
OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries...
OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries...
OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries...
OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries...
OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries...
OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries...
OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries...
OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries...
OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries...
OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries...
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 (Oct 2014) - Windows
Oracle Java SE JRE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries...
OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries...