[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26616 Download | Alert*

The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.

The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue.

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.

Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.

Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.

Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.

The host is installed with Apache HTTP Server through 2.4.12 and is prone to a denial of service vulnerability. A flaw is present in lua_websocket_read function in lua_request.c in mod_lua module, which fails to handle crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. Successful exploitation will allow remote attackers to cause a denial of service (child-process cr ...

The host is installed with Python 2.7 before 2.7.8 or 3.x before 3.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted input. Successful exploitation could allow attackers to crash the service.

The host is installed with Atlassian Confluence Server 4.x before 7.19.17, 8.4.0 before 8.4.5, 8.5.0 before 8.5.4 and is prone to a template injection vulnerability. A flaw is present in the application which fails to properly handle unspecified vectors. Successful exploitation allows an unauthenticated attacker to inject unsafe user input into a Confluence page.

Visual Studio Tools for Office Runtime Spoofing Vulnerability.


Pages:      Start    1128    1129    1130    1131    1132    1133    1134    1135    1136    1137    1138    1139    1140    1141    ..   2661

© SecPod Technologies