The vulnerability of the `object_custom` function in the PHP programming language allows attackers to trigger a service failure or execute arbitrary code.

The vulnerability of the objectcustom function located in ext/standard/varunserializer.c in the PHP interpreter is related to errors in number processing. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

The vulnerability of the `ext/standard/var_unserializer.c` component in the PHP interpreter’s magic method allows a attacker to cause a service failure or potentially have other adverse effects.

The vulnerability of the ext/standard/varunserializer.c component of the PHP interpreter is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability can allow an attacker to cause service failures or potentially have other adverse effects through specially created...

EulerOS 2.0 SP8 : php (EulerOS-SA-2020-1821)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator function...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1542)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

php: heap use after free in ext/standard/var_unserializer.re

ext/standard/varunserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zvalgettype function in Zend/zendtypes.h. Exploitation of this issue can have an unspecified impact on the integrity of PHP...

UBUNTU-CVE-2016-10161

The objectcommon1 function in ext/standard/varunserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service buffer over-read and application crash via crafted serialized data that is mishandled in a finishnesteddata call...

PHP < 5.6.26 DoS Vulnerability - Linux

PHP is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

PHP < 5.6.26 DoS Vulnerability - Windows

PHP is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

PHP 'process_nested_data' function memory misreference vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...