UBUNTU-CVE-2026-7261

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

EUVD-2026-28970

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

CVE-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

CVE-2026-7261

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

Importing an Existing vDisk in Provisioning Services Console Causes Error

When importing a vDisk using theProvisioning Services PVSServer Console, the error “Invalid disk file for . Cannot add disk” appears. The SoapServer.log displays the following text, if Info level logging is enabled: INFO Mapi.Command - Get UndefinedDisks: Disk is not valid, needs to be a base .vh...

The memory usage for SoapServer and StreamService keeps increasing slowly in the PVS server

According to our observation, the memory usage for SoapServer and StreamService keeps increasing slowly in the PVS server. The whole memory usage of that server is low. memory usage meansPrivate Working Set + Shared Working Set...

Alienvault OSSIM av-centerd 4.7.0 - 'get_log_line' Command Injection (Metasploit)

require 'msf/core' require 'rexml/document' class MetasploitModule 'Alienvault OSSIM av-centerd Command Injection getlogline', 'Description' = %q This module exploits a command injection flaw found in the getlogline function found within Util.pm. The vulnerability is triggered due to an unsanitiz...

PT-2013-14: XML External Entities Injection in PHP

The specialists of Positive Technologies have detected an "XXE" vulnerability in PHP. The vulnerability was detected in the PHP's built-in SoapClient and SoapServer classes. PHP allows the use of external entities while parsing SOAP wsdl files which allows an attacker to read arbitrary files. If ...

Citrix Provisioning Services SoapServer Buffer Overflow Vulnerability

Citrix Provisioning Services is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Citrix Provisioning Services SoapServer Buffer Overflow Vulnerability

This host is installed with Citrix Provisioning Services and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbcitrixprovisioningservicessoapserverbofvuln.nasl 5956 2017-04-14 09:02:12Z teissa $ Citrix Provisioning Services SoapServer Buffer Overflow Vulnerability...

CVE-2012-4068

Heap-based buffer overflow in the SoapServer service in Citrix Provisioning Services 5.0, 5.1, 5.6, 5.6 SP1, 6.0, and 6.1 allows remote attackers to execute arbitrary code via a crafted string associated with date and time data...

CVE-2012-4068

Heap-based buffer overflow in the SoapServer service in Citrix Provisioning Services 5.0, 5.1, 5.6, 5.6 SP1, 6.0, and 6.1 allows remote attackers to execute arbitrary code via a crafted string associated with date and time data...

CVE-2012-4068

CVE-2012-4068 affects Citrix Provisioning Services’ SoapServer, where a heap-based buffer overflow is triggered by a crafted date/time string in multiple versions (5.0, 5.1, 5.6, 5.6 SP1, 6.0, 6.1). The underlying issue is improper input handling during parsing of date/time data, enabling a remot...

Citrix Provisioning Services Unspecified Request Parsing Remote Code Execution (CTX133039) (uncredentialed check)

The version of Citrix Provisioning Services running on the remote Windows host is affected by a remote code execution vulnerability in the SoapServer service due to improper validation of user-supplied input when parsing date and time strings. An unauthenticated, remote attacker can exploit this ...

Citrix Provisioning Services SoapServer RCE (CTX133039)

The version of Citrix Provisioning Services running on the remote Windows host is affected by a remote code execution vulnerability in the SoapServer service due to an overflow condition caused by improper validation of user-supplied input when parsing date and time strings. An unauthenticated,...