Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zend zend server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-10045
The isMail transport in PHPMailer prior to 5.2.20 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the ...
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
3 EDB exploits
89 Github repositories
5
CVSSv2
CVE-2007-1285
The Zend Engine in PHP 4.x prior to 4.4.7, and 5.x prior to 5.2.2, allows remote malicious users to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.
Php Php
Canonical Ubuntu Linux 7.10
Novell Suse Linux 10.0
Novell Suse Linux 10.1
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 8
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2016-10033
The mailSend function in the isMail transport in PHPMailer prior to 5.2.18 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
9 EDB exploits
118 Github repositories
7.5
CVSSv2
CVE-2014-2052
Zend Framework, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Owncloud Owncloud
5
CVSSv2
CVE-2005-3353
The exif_read_data function in the Exif module in PHP prior to 4.4.1 allows remote malicious users to cause a denial of service (infinite loop) via a malformed JPEG image.
Php Php 4.0.0
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.0.3
7.5
CVSSv2
CVE-2006-5465
Buffer overflow in PHP prior to 5.2.0 allows remote malicious users to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.
Php Php 5.0.0
Php Php 5.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 5.0.5
Php Php 5.1.4
Php Php 5.1.5
Php Php
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.2
Php Php 5.1.3
9.3
CVSSv2
CVE-2006-4482
Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP prior to 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990.
Php Php
Canonical Ubuntu Linux 5.04
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
9.3
CVSSv2
CVE-2006-3017
zend_hash_del_key_or_index in zend_hash.c in PHP prior to 4.4.3 and 5.x prior to 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be use...
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 3.0
Php Php 3.0.15
Php Php 3.0.16
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0.2
7.5
CVSSv2
CVE-2007-1889
Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote malicious users to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and ...
Php Php 5.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2