Lucene search
K

26 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.6 views

SUSE CVE-2016-3141

Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact by triggering a wddxdeserialize call on XML data...

9.8CVSS9.2AI score0.35438EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:0 a.m.5 views

SUSE CVE-2016-5772

Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted XML data that is...

9.8CVSS9.3AI score0.09674EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2022/04/20 12:0 a.m.6 views

The vulnerability of the ext/wddx/wddx.c component of the PHP interpreter allows a attacker to cause a service failure.

The vulnerability of the ext/wddx/wddx.c component of the PHP interpreter is related to the assignment of a null pointer. Exploiting this vulnerability can allow an attacker to cause a service failure by using specially created serialized data in an XML document called wddxPacket...

7.8CVSS7.4AI score0.06845EPSS
Exploits0References11Affected Software3
CNVD
CNVD
added 2016/12/14 12:0 a.m.1 views

PHP 'ext/wddx/wddx.c' Denial of Service Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. PHP...

9.8CVSS8.2AI score0.07031EPSS
Exploits0References1
CNVD
CNVD
added 2016/12/14 12:0 a.m.3 views

PHP 'ext/wddx/wddx.c' Null Pointer Reference Remote Denial of Service Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A nu...

7.5CVSS8.3AI score0.06845EPSS
Exploits0References1
Hacker One
Hacker One
added 2016/12/06 9:1 a.m.23 views

Internet Bug Bounty: Invalid read when wddx decodes empty boolean element

Description ----------- I have found some vulnerable code in wddx extension. The trouble happens when trying to process 'boolean' tag. If I open tag without data, new stentry item WILL NOT be pushed into stack. When tag is closed and stack-top is greater than 1, stentry item at top of stack WILL ...

6.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.6 views

php: Double Free Corruption in wddx_deserialize

Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted XML data that is...

9.8CVSS7.7AI score0.09674EPSS
Exploits1References4
CNVD
CNVD
added 2016/09/07 12:0 a.m.2 views

PHP 'ext/wddx/wddx.c' Denial of Service Vulnerability

PHP is an open source general-purpose computer scripting language. The PHP 'ext/wddx/wddx.c' denial of service vulnerability allows attackers to exploit the vulnerability to crash an application, causing a denial of service...

7.5CVSS7.5AI score0.06672EPSS
Exploits1References1
NVD
NVD
added 2016/08/07 10:59 a.m.26 views

CVE-2016-5772

Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted XML data that is...

9.8CVSS10AI score0.09674EPSS
Exploits1References14
OSV
OSV
added 2016/08/07 10:59 a.m.16 views

CVE-2016-5772

Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted XML data that is...

9.8CVSS9.3AI score
Exploits0References14
Cvelist
Cvelist
added 2016/08/07 10:0 a.m.30 views

CVE-2016-5772

Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted XML data that is...

10AI score0.09674EPSS
Exploits1References14
Debian CVE
Debian CVE
added 2016/08/07 10:0 a.m.39 views

CVE-2016-5772

Removed by vendor...

9.8CVSS7.3AI score0.09674EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2016/06/29 12:18 p.m.41 views

CVE-2016-5772

Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted XML data that is...

9.8CVSS7.3AI score0.09674EPSS
Exploits1References1
OSV
OSV
added 2016/06/24 12:0 a.m.6 views

UBUNTU-CVE-2016-5772

Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted XML data that is...

9.8CVSS7.1AI score0.09674EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2016/05/02 12:0 a.m.57 views

Ubuntu 15.10 : php5 regression (USN-2952-2)

USN-2952-1 fixed vulnerabilities in PHP. One of the backported patches caused a regression in the PHP Soap client. This update fixes the problem. We apologize for the inconvenience. It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A...

10CVSS7.6AI score0.35438EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2016/04/22 12:0 a.m.68 views

Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2952-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2952-1 advisory. It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this...

10CVSS7.6AI score0.35438EPSS
Exploits4References9
OSV
OSV
added 2016/04/21 3:16 p.m.5 views

USN-2952-1 php5 vulnerabilities

It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. CVE-2014-9767 It was discovered that the PHP Soap client incorrectly validated data types. A remote...

10CVSS7AI score0.35438EPSS
Exploits9References9
CNVD
CNVD
added 2016/04/03 12:0 a.m.2 views

PHP WDDX Extension wddx.c Buffer Overflow Vulnerability

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.PHAR is one of the archived extensions. A buffer overflow vulnerability exists in the wddx.c file in PHP's WDDX extension. A remote attacker could send a wddxdeserialize cal...

9.8CVSS8.7AI score0.35438EPSS
Exploits0References1
Prion
Prion
added 2016/03/31 4:59 p.m.34 views

Design/Logic Flaw

Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact by triggering a wddxdeserialize call on XML data...

7.5CVSS8AI score0.35438EPSS
Exploits0References15Affected Software2
Cvelist
Cvelist
added 2016/03/31 4:0 p.m.34 views

CVE-2016-3141

Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact by triggering a wddxdeserialize call on XML data...

10AI score0.35438EPSS
Exploits0References15
Rows per page
Query Builder