47 matches found
EUVD-2016-8010
Malware in sbrugna...
EUVD-2016-8009
Malware in sbrugna...
EUVD-2014-9521
Malware in sbrugna...
EUVD-2016-10722
Malware in sbrugna...
SUSE CVE-2014-9714
Cross-site scripting XSS vulnerability in the WddxPacket::recursiveAddVar function in HHVM aka the HipHop Virtual Machine before 3.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted string to the wddxserializevalue function...
Null Pointer Dereference
PHP is vulnerable to null pointer dereference vulnerability. This exists in ext/wddx/wddx.c which allows remote attackers to cause a denial of service via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string...
Use After Free
PHP is vulnerable to use after free vulnerability. The vulnerability exists in the wddxstackdestroy function in ext/wddx/wddx.c in PHP. Remote attackers could cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset...
Null Pointer Dereference
PHP is vulnerable to null pointer deference vulnerability. The vulnerability exists in the phpwddxpopelement function in ext/wddx/wddx.c in PHP. Remote attackers could cause a denial of service via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddxdeserializ...
Out-Of-Bounds Read
PHP is vulnerable to out-of-bounds read attacks. This exists in the phpwddxpushelement function in ext/wddx/wddx.c which allows remote attackers to cause a denial of service or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document...
USN-3196-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled certain arguments to the localegetdisplayname function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-9912 It was discovered that PHP incorrectly handled...
Null pointer dereference
The phpwddxpopelement function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a...
CVE-2016-10162
Removed by vendor...
CVE-2016-9935
The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service out-of-bounds read and memory corruption or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document...
CVE-2016-9935
The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service out-of-bounds read and memory corruption or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document...
Null pointer dereference
ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service NULL pointer dereference via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string...
EUVD-2016-10721
ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service NULL pointer dereference via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string...
CVE-2016-9934
CVE-2016-9934 affects PHP’s WDDX extension (ext/wddx/wddx.c) in PHP before 5.6.28 and 7.x before 7.0.13, allowing remote attackers to cause a denial of service via crafted serialized data in a wddxPacket XML document (demonstrated by a PDORow string). Connected advisories corroborate the issue ac...
CVE-2016-9935
The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service out-of-bounds read and memory corruption or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document...
UBUNTU-CVE-2016-9935
The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service out-of-bounds read and memory corruption or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document...
PHP 5.6.x < 5.6.28 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.28. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the parseurl function due to returning the incorrect host. An unauthenticated, remote attacker can exploit this to hav...