Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 5:27 a.m.2 views

SUSE CVE-2014-4698

Use-after-free vulnerability in ext/spl/splarray.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments...

4.6CVSS7.7AI score0.00491EPSS
Exploits0References6
BDU FSTEC
BDU FSTECadded 2022/04/20 12:0 a.m.0 views

The vulnerability of the ext/spl/spl_array.c component of the PHP interpreter allows a attacker to cause a service failure or potentially cause other effects.

The vulnerability of the ext/spl/splarray.c component of the PHP interpreter exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures or potentially have other adverse effects using specially created serialized data...

10CVSS0.01858EPSS
Exploits1References11Affected Software3
RedHat Linux
RedHat Linuxadded 2016/11/15 11:40 a.m.2 views

php: Use After Free Vulnerability in PHP's GC algorithm and unserialize

splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...

9.8CVSS7.6AI score0.09582EPSS
Exploits5References4
CNVD
CNVDadded 2015/09/22 12:0 a.m.2 views

PHP 'spl_array.c' Remote Code Execution Vulnerability

PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A remote code execution vulnerability exists in PHP. An attacker could exploit this vulnerability to execute...

7.5CVSS8.8AI score0.01536EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2014/10/30 7:45 p.m.1 views

php: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw

A type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize method. A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute...

7.5CVSS7.6AI score0.48662EPSS
Exploits4References4
OSV
OSVadded 2014/07/04 12:0 a.m.0 views

UBUNTU-CVE-2014-4698

Use-after-free vulnerability in ext/spl/splarray.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments...

4.6CVSS7.2AI score0.00491EPSS
Exploits0References3
Rows per page
Query Builder