Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29251

Malicious code in bioql PyPI...

6.6AI score
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/10/02 6:11 a.m.5 views

The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.

...

9.8CVSS9.3AI score0.07191EPSS
Exploits1
OSV
OSV
added 2025/09/15 1:57 p.m.4 views

GHSA-GFXP-F68G-8X78 LibYML: `libyml::string::yaml_string_extend` is unsound and unmaintained

In version 0.0.4, libyml::string::yamlstringextend was revised resulting in undefined behaviour, which is unsound. The GitHub project for libyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommende...

8.7CVSS5.9AI score
Exploits0References3
RustSec
RustSec
added 2025/09/11 12:0 p.m.13 views

`libyml::string::yaml_string_extend` is unsound and unmaintained

In version 0.0.4, libyml::string::yamlstringextend was revised resulting in undefined behaviour, which is unsound. The GitHub project for libyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommende...

7.1AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.5 views

SUSE CVE-2017-8923

The zendstringextend function in Zend/zendstring.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging a script's use ...

5.3CVSS10AI score0.07191EPSS
Exploits1References12
BDU FSTEC
BDU FSTEC
added 2017/08/10 12:0 a.m.9 views

The vulnerability of the zend_string_extend function in the PHP interpreter allows a attacker to cause a service failure or exert other effects.

The vulnerability of the zendstringextend function in the PHP interpreter is related to insufficient control over modifications to object instances of the sequence type. Exploiting this vulnerability could allow a malicious actor to cause service failures or other adverse effects e.g., terminatio...

7.5CVSS6.8AI score0.07191EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2017/05/17 12:0 a.m.43 views

PHP Denial of Service Vulnerability (CNVD-2017-06940)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

9.8CVSS6.6AI score0.07191EPSS
Exploits1References1
OSV
OSV
added 2017/05/12 8:29 p.m.5 views

UBUNTU-CVE-2017-8923

The zendstringextend function in Zend/zendstring.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging a script's use ...

9.8CVSS6.8AI score0.07191EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2017/05/12 12:0 a.m.19 views

PT-2017-2598

Name of the Vulnerable Software and Affected Versions PHP versions through 7.1.5 Description The issue is related to the zend string extend function in PHP, which does not prevent changes to string objects that result in a negative length. This allows remote attackers to cause a denial of service...

9.8CVSS7.2AI score0.9947EPSS
Exploits103References101
Rows per page
Query Builder