Page 2 of 9 results (0.007 seconds)

CVSS: 7.5EPSS: 14%CPEs: 7EXPL: 1

Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en la función _zend_shared_memdup en zend_shared_alloc.c en la extensión OPcache en PHP hasta 5.6.7 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. A use-after-free flaw was found in PHP's OPcache extension. This flaw could possibly lead to a disclosure of a portion of the server memory. • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=777c39f4042327eac4b63c7ee87dc1c7a09a3115 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://openwall.com/lists/oss-security/2015/01/24/9 http://rhn.redhat.com/errata/RHSA-2015-1053.html http://rhn.redhat.com/errata/RHSA-2015-1066.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:079 http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.oracle.com/technetwork/to • CWE-416: Use After Free •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect integrity via unknown vectors. Vulnerabilidad sin especificar en el componente Oracle Secure Backup de Oracle Secure Backup 10.3.0.3 permite a atacantes remotos afectar la integridad a través de vectores de ataque desconocidos. • http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html http://www.us-cert.gov/cas/techalerts/TA11-201A.html •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-2261. Vulnerabilidad no especificada en el componente Oracle Secure Backup en Oracle Secure Backup 10.3.0.3 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2011-2261. • http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html http://www.us-cert.gov/cas/techalerts/TA11-201A.html •

CVSS: 10.0EPSS: 95%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-2252. Vulnerabilidad no especificada en el componente Oracle Secure Backup en Oracle Secure Backup 10.3.0.3 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2011-2252. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Secure Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the validate_login function defined within /apache/htdocts/php/common.php. The username parameter is passed with limited sanitization to an exec_qr call which can be abused to inject commands. • http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html http://www.us-cert.gov/cas/techalerts/TA11-201A.html •