Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 4:58 a.m.1 views

SUSE CVE-2016-7479

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution...

9.8CVSS8.1AI score0.21629EPSS
Exploits1References7
SUSE CVE
SUSE CVEadded 2023/02/15 4:41 a.m.1 views

SUSE CVE-2017-12934

ext/standard/varunserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zvalgettype function in Zend/zendtypes.h. Exploitation of this issue can have an unspecified impact on the integrity of PHP...

7.5CVSS9.7AI score0.00408EPSS
Exploits0References4
EUVD
EUVDadded 2022/05/14 3:27 a.m.2 views

EUVD-2016-8332

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution...

9.8CVSS9.1AI score0.21629EPSS
Exploits1References12
OSV
OSVadded 2021/03/11 1:15 a.m.1 views

UBUNTU-CVE-2020-1900

When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHVM prior to v4.32....

9.8CVSS5.8AI score0.00806EPSS
Exploits0References4
canvas
canvasadded 2019/02/21 9:29 p.m.51 views

Immunity Canvas: DRUPAL_SERVICES_RCE

Name| drupalservicesrce ---|--- CVE| CVE-2019-6340 Exploit Pack| CANVAS Description| CVE-2019-6340 Notes| CVE Name: CVE-2019-6340 VENDOR: Drupal NOTES: An unauthenticated unserialization bug can be exploited on the RESTful Web Services module on the Drupal core for the following versions: 7.X...

6.8CVSS2.1AI score0.9441EPSS
Exploits22
OSV
OSVadded 2017/01/11 12:0 a.m.0 views

UBUNTU-CVE-2016-7479

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution...

9.8CVSS7.6AI score0.21629EPSS
Exploits1References7
OSV
OSVadded 2015/08/27 12:0 a.m.0 views

UBUNTU-CVE-2015-6831

Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving 1 ArrayObject, 2 SplObjectStorage, and 3 SplDoublyLinkedList, which are mishandled during unserialization...

7.3CVSS7.5AI score0.01156EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2015/06/25 8:31 a.m.2 views

php: Incomplete Class unserialization type confusion

A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrary code...

10CVSS7.4AI score0.11011EPSS
Exploits1References4
Rows per page
Query Builder