Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zend vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-3735
The Zend Engine in PHP prior to 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent malicious users to cause a denial of service (memory consumption and application crash) via a crafted function definition,...
Php Php 5.4.12
Php Php 5.4.14
Php Php 5.4.8
Php Php 5.4.9
Php Php 5.4.11
Php Php 5.4.10
Php Php 5.4.2
Php Php 5.4.5
Php Php 5.4.6
Php Php 5.4.13
Php Php 5.4.0
Php Php 5.4.3
Php Php 5.4.1
Php Php 5.4.7
Php Php
Php Php 5.4.4
Php Php 5.5.0
5
CVSSv2
CVE-2012-5657
The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x prior to 1.11.15 and 1.12.x prior to 1.12.1 allow remote malicious users to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and mem...
Zend Zend Framework 1.11.4
Zend Zend Framework 1.11.11
Zend Zend Framework 1.11.5
Zend Zend Framework 1.11.12
Zend Zend Framework 1.11.9
Zend Zend Framework 1.11.6
Zend Zend Framework 1.11.3
Zend Zend Framework 1.11.13
Zend Zend Framework 1.11.2
Zend Zend Framework 1.11.0
Zend Zend Framework 1.11.10
Zend Zend Framework 1.11.8
Zend Zend Framework 1.11.7
Zend Zend Framework 1.11.1
Zend Zend Framework 1.12.0
6.4
CVSSv2
CVE-2012-6531
(1) Zend_Dom, (2) Zend_Feed, and (3) Zend_Soap in Zend Framework 1.x prior to 1.11.13 and 1.12.x prior to 1.12.0 do not properly handle SimpleXMLElement classes, which allow remote malicious users to read arbitrary files or create TCP connections via an external entity reference ...
Zend Zend Framework 1.10.6
Zend Zend Framework 1.12.0
Zend Zend Framework 1.10.3
Zend Zend Framework 1.11.4
Zend Zend Framework 1.7.4
Zend Zend Framework 1.7.5
Zend Zend Framework 1.10.5
Zend Zend Framework 1.11.11
Zend Zend Framework 1.10.8
Zend Zend Framework 1.10.0
Zend Zend Framework 1.5.0
Zend Zend Framework 1.9.6
Zend Zend Framework 1.8.3
Zend Zend Framework 1.7.6
Zend Zend Framework 1.8.0
Zend Zend Framework 1.11.5
Zend Zend Framework 1.7.2
Zend Zend Framework 1.6.0
Zend Zend Framework 1.9.2
Zend Zend Framework 1.11.12
Zend Zend Framework 1.9.3
Zend Zend Framework 1.5.1
6.4
CVSSv2
CVE-2012-3363
Zend_XmlRpc in Zend Framework 1.x prior to 1.11.12 and 1.12.x prior to 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote malicious users to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-R...
Zend Zend Framework 1.12.0
Zend Zend Framework
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Debian Debian Linux 6.0
1 EDB exploit
5
CVSSv2
CVE-2012-6532
(1) Zend_Dom, (2) Zend_Feed, (3) Zend_Soap, and (4) Zend_XmlRpc in Zend Framework 1.x prior to 1.11.13 and 1.12.x prior to 1.12.0 allow remote malicious users to cause a denial of service (CPU consumption) via recursive or circular references in an XML entity definition in an XML...
Zend Zend Framework 1.10.6
Zend Zend Framework 1.12.0
Zend Zend Framework 1.10.3
Zend Zend Framework 1.11.4
Zend Zend Framework 1.7.4
Zend Zend Framework 1.7.5
Zend Zend Framework 1.10.5
Zend Zend Framework 1.11.11
Zend Zend Framework 1.10.8
Zend Zend Framework 1.10.0
Zend Zend Framework 1.5.0
Zend Zend Framework 1.9.6
Zend Zend Framework 1.8.3
Zend Zend Framework 1.7.6
Zend Zend Framework 1.8.0
Zend Zend Framework 1.11.5
Zend Zend Framework 1.7.2
Zend Zend Framework 1.6.0
Zend Zend Framework 1.9.2
Zend Zend Framework 1.11.12
Zend Zend Framework 1.9.3
Zend Zend Framework 1.5.1
6
CVSSv2
CVE-2012-5382
Untrusted search path vulnerability in the installation functionality in Zend Server 5.6.0 SP4, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Zend\ZendServer\share\ZendFramework\bin directory, which may ...
Zend Zend Server 5.6.0
1 EDB exploit
5
CVSSv2
CVE-2011-3825
Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files.
Zend Framework 1.11.3
Zend Server 5.1.0
6.3
CVSSv2
CVE-2011-0441
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/.
Php Php 5.3.5
4.3
CVSSv2
CVE-2011-0708
exif.c in the Exif extension in PHP prior to 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote malicious users to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.2.4
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 4.3.4
1 EDB exploit
4.3
CVSSv2
CVE-2011-0421
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP prior to 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent malicious users to cause a denial of service (NULL pointer dereference) via an empty ZIP...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.2.4
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 4.3.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »