Lucene search
K

422 matches found

RedHat Linux
RedHat Linux
added 2013/01/08 9:28 p.m.6 views

Mozilla: Use-after-free in serializeToStream (MFSA 2013-16)

Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before...

9.3CVSS8AI score0.51324EPSS
Exploits8References5
RedHat Linux
RedHat Linux
added 2013/01/08 9:10 p.m.4 views

Mozilla: Use-after-free in serializeToStream (MFSA 2013-16)

Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before...

9.3CVSS8AI score0.51324EPSS
Exploits8References5
Ubuntu
Ubuntu
added 2012/06/18 3:8 p.m.52 views

USN-1480-1: Raptor vulnerability

Timothy D. Morgan discovered that Raptor would unconditionally load XML external entities. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could possibly obtain access to arbitrary files on the user's system or potentially...

6.5CVSS6.9AI score0.13682EPSS
Exploits2
OpenVAS
OpenVAS
added 2012/04/30 12:0 a.m.22 views

Debian Security Advisory DSA 2438-1 (raptor)

The remote host is missing an update to raptor announced via advisory DSA 2438-1. OpenVAS Vulnerability Test $Id: deb24381.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2438-1 raptor Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

4.3CVSS6.6AI score0.13682EPSS
Exploits2
OSV
OSV
added 2012/03/22 12:0 a.m.11 views

DSA-2438-1 raptor - programming error

Bulletin has no description...

6.5CVSS6.4AI score0.13682EPSS
Exploits2
0day.today
0day.today
added 2012/03/07 12:0 a.m.33 views

Symfony 2 Unauthenticated Information Disclosure

Exploit for php platform in category web applications Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Severity Rating. Medium Impact. Exposure of sensitive information Attack Vector. Remote without authentication Solution Status. Vendor patc...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/03/05 12:0 a.m.39 views

Symfony2 Local File Disclosure

Exploit for php platform in category web applications Release Date. 05-Mar-2012 Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Severity Rating. Medium Impact. Exposure of sensitive information Attack Vector. Remote without authentication...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/03/05 12:0 a.m.49 views

Symfony 2 Unauthenticated Information Disclosure

Sense of Security - Security Advisory - SOS-12-002 Release Date. 05-Mar-2012 Last Update. - Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Severity Rating. Medium Impact. Exposure of sensitive information Attack Vector. Remote without...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/03/05 12:0 a.m.42 views

Symfony2 - Local File Disclosure

Sense of Security - Security Advisory - SOS-12-002 Release Date. 05-Mar-2012 Last Update. - Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Severity Rating. Medium Impact. Exposure of sensitive information Attack Vector. Remote without...

7.4AI score
Exploits0
Symfony
Symfony
added 2012/02/24 12:0 a.m.19 views

Security Release: Symfony 2.0.11 released

Symfony 2.0.11 has just been released and it contains a security vulnerability fix for the Serializer Component. If you are using the Serializer component, you should upgrade as soon as possible. The security vulnerability has been reported this morning by Sense of Security: "The XMLEncoder...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2010/12/09 12:0 a.m.34 views

RedHat Update for php RHSA-2010:0919-01

Check for the Version of php OpenVAS Vulnerability Test RedHat Update for php RHSA-2010:0919-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

6.8CVSS8.6AI score0.11528EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2010/12/09 12:0 a.m.36 views

CentOS Update for php CESA-2010:0919 centos4 i386

Check for the Version of php OpenVAS Vulnerability Test CentOS Update for php CESA-2010:0919 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS8.4AI score0.11528EPSS
Exploits7References2
Cent OS
Cent OS
added 2010/11/30 12:21 p.m.118 views

php security update

CentOS Errata and Security Advisory CESA-2010:0919 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS...

6.8CVSS7.2AI score0.11528EPSS
Exploits7References8
RedHat Linux
RedHat Linux
added 2010/11/29 9:31 p.m.3 views

php: session serializer session data injection vulnerability (MOPS-2010-060)

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...

5CVSS5.9AI score0.0219EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2010/08/23 12:0 a.m.48 views

Debian DSA-2089-1 : php5 - several vulnerabilities

Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-1917 The fnmatch function can be abused to conduct denial of service attacks by crashing the interpreter by the...

7.5CVSS9.1AI score0.07937EPSS
Exploits4References8
NVD
NVD
added 2010/08/20 8:0 p.m.25 views

CVE-2010-3065

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...

5CVSS9.4AI score0.0219EPSS
Exploits1References7
Prion
Prion
added 2010/08/20 8:0 p.m.17 views

Default configuration

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...

5CVSS7AI score0.0219EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2010/08/20 7:0 p.m.27 views

CVE-2010-3065

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...

9.4AI score0.0219EPSS
Exploits1References7
CVE
CVE
added 2010/08/20 7:0 p.m.109 views

CVE-2010-3065

CVE-2010-3065 affects PHP’s default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2, where PS_UNDEF_MARKER is not handled properly. This allows context-dependent attackers to modify arbitrary session variables via crafted session variable names. Several connected advisories and...

5CVSS9.2AI score0.0219EPSS
Exploits1References7Affected Software1
UbuntuCve
UbuntuCve
added 2010/08/20 12:0 a.m.27 views

CVE-2010-3065

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...

5CVSS6.1AI score0.0219EPSS
Exploits1References4
Rows per page
Query Builder