Page 59 of 580 results (0.007 seconds)

CVSS: 6.1EPSS: 0%CPEs: 62EXPL: 0

CVE-2016-5733

https://notcve.org/view.php?id=CVE-2016-5733

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that is mishandled during privilege checking in table_row.phtml, (2) a crafted mysqld log_bin directive that is mishandled in log_selector.phtml, (3) the Transformation implementation, (4) AJAX error handling in js/ajax.js, (5) the Designer implementation, (6) the charts implementation in js/tbl_chart.js, or (7) the zoom-search implementation in rows_zoom.phtml. Múltiples vulnerabilidades de XSS en phpMyAdmin 4.0.x en versiones anteriores a 4.0.10.16, 4.4.x en versiones anteriores a 4.4.15.7 y 4.6.x en versiones anteriores a 4.6.3 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores relacionados con (1)un nombre de tabla manipulado que es manejado incorrectamente durante la comprobación de privilegios en table_row.phtml, (2) una directiva mysqld log_bin manipulada que es manejada incorrectamente en log_selector.phtml, (3) la implementación de Transformation, (4) manejo del error AJAX en js/ajax.js, (5) la implementación de Designer, (6) la implementación de gráficos en js/tbl_chart.js o (7) la implementación de búsqueda de zoom en rows_zoom.phtml. • http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00114.html http://www.debian.org/security/2016/dsa-3627 http://www.securityfocus.com/bid/91390 https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5 https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0

CVE-2016-5301

https://notcve.org/view.php?id=CVE-2016-5301

The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast. La función parse_chunk_header en libtorrent en versiones anteriores a 1.1.1 permite a atacantes remotos provocar una denegación de servicio (caída) a través de (1) una respuesta HTTP o posiblemente (2) una difusión UPnP manipuladas. • http://lists.opensuse.org/opensuse-updates/2016-06/msg00079.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00103.html http://lists.opensuse.org/opensuse-updates/2016-09/msg00043.html http://www.openwall.com/lists/oss-security/2016/06/04/9 http://www.openwall.com/lists/oss-security/2016/06/05/1 http://www.securityfocus.com/bid/91498 https://github.com/arvidn/libtorrent/issues/780 https://github.com/arvidn/libtorrent/pull/782/files • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 2%CPEs: 9EXPL: 1

CVE-2016-5772 – php: Double Free Corruption in wddx_deserialize

https://notcve.org/view.php?id=CVE-2016-5772

Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call. Vulnerabilidad de liberación doble en la función php_wddx_process_data en wddx.c en la extensión WDDX en PHP en versiones anteriores a 5.5.37, 5.6.x en versiones anteriores a 5.6.23 y 7.x en versiones anteriores a 7.0.8 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de datos XML manipulados que no es manejado adecuadamente en una llamada wddx_deserialize. • http://github.com/php/php-src/commit/a44c89e8af7c2410f4bfc5e097be2a5d0639a60c?w=1 http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http:// • CWE-415: Double Free CWE-416: Use After Free •

CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 1

CVE-2016-5771 – php: Use After Free Vulnerability in PHP's GC algorithm and unserialize

https://notcve.org/view.php?id=CVE-2016-5771

spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data. spl_array.c en la extension SPL en PHP en versiones anteriores a 5.5.37 y 5.6.x en versiones anteriores a 5.6.23 interactúa incorrectamente con la implementación no serializada y la recolección de basura, lo que permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (uso después de liberación y caída de aplicación) a través de datos serializados manipulados. • http://github.com/php/php-src/commit/3f627e580acfdaf0595ae3b115b8bec677f203ee?w=1 http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3618 http://www.openwall.com/lists/oss-security/2016/06/23/4 http: • CWE-416: Use After Free •

CVSS: 9.8EPSS: 3%CPEs: 6EXPL: 1

CVE-2016-5770 – php: Int/size_t confusion in SplFileObject::fread

https://notcve.org/view.php?id=CVE-2016-5770

Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096. Desbordamiento de entero en la función SplFileObject::fread en spl_directory.c en la extensión SPL en PHP en versiones anteriores a 5.5.37 y 5.6.x en versiones anteriores 5.6.23 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un argumento de entero grande, un problema relacionado con CVE-2016-5096. A type confusion issue was found in the SPLFileObject fread() function. A remote attacker able to submit a specially crafted input to a PHP application, which uses this function, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application. • http://github.com/php/php-src/commit/7245bff300d3fa8bacbef7897ff080a6f1c23eba?w=1 http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3618 http://www.openwall.com/lists/oss-security/2016/06/23/4 http: • CWE-190: Integer Overflow or Wraparound CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •