EUVD-2010-4662

Malware in sbrugna...

EUVD-2010-1933

Malware in sbrugna...

SUSE CVE-2006-4812

Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function Zend/zendalloc.c...

SUSE CVE-2007-1285

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service stack exhaustion and PHP crash via deeply nested arrays, which trigger deep recursion in the variable destruction routines...

SUSE CVE-2010-1914

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the 1 ZENDBWXOR opcode shiftleftfunction, 2 ZENDSL opcode bitwisexorfunction, or 3 ZENDSR opcode shiftrightfunction, related to the...

SUSE CVE-2010-4697

Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service heap memory corruption or have unspecified other impact via vectors related to use of set, get, isset, and unset methods on objects...

SUSE CVE-2013-3735

The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted function definition, as demonstrated by an atta...

SUSE CVE-2014-9425

Double free vulnerability in the zendtshashgracefuldestroy function in zendtshash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

SUSE CVE-2017-6441

The zvalgetlongfuncex in Zend/zendoperators.c in PHP 7.1.2 allows attackers to cause a denial of service NULL pointer dereference and application crash via crafted use of "declareticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do n...

SUSE CVE-2017-9119

The izvalptrdtor function in Zend/zendvariables.h in PHP 7.1.5 allows attackers to cause a denial of service memory consumption and application crash or possibly have unspecified other impact by triggering crafted operations on array data structures...

The vulnerability of the Zend Engine interpreter component for the PHP programming language allows a hacker to trigger a service failure.

The vulnerability of the Zend Engine interpreter for the PHP programming language exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

EulerOS Virtualization for ARM 64 3.0.2.0 : php (EulerOS-SA-2020-1542)

According to the versions of the php packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated we...

UBUNTU-CVE-2017-6441

The zvalgetlongfuncex in Zend/zendoperators.c in PHP 7.1.2 allows attackers to cause a denial of service NULL pointer dereference and application crash via crafted use of "declareticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do n...

CVE-2016-7478

Zend/zendexceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service infinite loop via a crafted Exception object in serialized data, a related issue to CVE-2015-8876...

DEBIAN-CVE-2015-2937

MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM or Zend PHP, allows remote attackers to cause a denial of service "quadratic blowup" and memory consumption via an XML file containing an entity declaration with long replacement text and many references to th...

CVE-2014-9425

Double free vulnerability in the zendtshashgracefuldestroy function in zendtshash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2014-9425

Double free vulnerability in the zendtshashgracefuldestroy function in zendtshash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2014-9425

Double free vulnerability in the zendtshashgracefuldestroy function in zendtshash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2014-9425

CVE-2014-9425 is a double-free vulnerability in the Zend Engine’s zend_ts_hash_graceful_destroy, affecting PHP up to 5.5.20 and 5.6.x up to 5.6.4. The issue can enable remote denial of service or potentially other impacts via unknown vectors. Connected advisories (e.g., MiracleLinux AXSA:2015-184...

CVE-2013-3735

The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted function definition, as demonstrated by an atta...