202 matches found
EUVD-2016-8271
Malware in sbrugna...
EUVD-2016-8008
Malware in sbrugna...
EUVD-2016-1350
Malware in sbrugna...
EUVD-2016-8266
Malware in sbrugna...
EUVD-2007-1377
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-6875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. CVE-2016-6875 Note that Nessus relies...
Linux Distros Unpatched Vulnerability : CVE-2017-11143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to cra...
Linux Distros Unpatched Vulnerability : CVE-2016-3141
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service...
K000141317: PHP vulnerabilities CVE-2017-9225, CVE-2017-8923, CVE-2016-7413, CVE-2016-9935, and CVE-2016-7417
Security Advisory Description CVE-2017-9225 An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigencunicodegetcasefoldcodesbystr occurs during regular expression compilation. Code point...
openSUSE: Security Advisory for php7 (SUSE-SU-2023:0084-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-44353 ColdFusion WDDX Deserialization Gadgets
Adobe ColdFusion versions 2023.5 and earlier and 2021.11 and earlier are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction...
SUSE CVE-2007-0908
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the keylength variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name befo...
SUSE CVE-2016-3141
Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact by triggering a wddxdeserialize call on XML data...
SUSE CVE-2016-5772
Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted XML data that is...
SUSE CVE-2016-7129
The phpwddxprocessdata function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddxdeserialize call that...
SUSE CVE-2016-7130
The phpwddxpopelement function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a...
SUSE CVE-2016-7131
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddxdeserialize call, as...
SUSE CVE-2016-7132
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly have unspecified other impact via an invalid wddxPacket XML document that is mishandled in a wddxdeserialize call, as...
SUSE CVE-2016-7413
Use-after-free vulnerability in the wddxstackdestroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field...
SUSE CVE-2016-7418
The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid pointer access and out-of-bounds read or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document,...