Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zend vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2013-3735
The Zend Engine in PHP prior to 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent malicious users to cause a denial of service (memory consumption and application crash) via a crafted function definition,...
Php Php 5.4.12
Php Php 5.4.14
Php Php 5.4.8
Php Php 5.4.9
Php Php 5.4.11
Php Php 5.4.10
Php Php 5.4.2
Php Php 5.4.5
Php Php 5.4.6
Php Php 5.4.13
Php Php 5.4.0
Php Php 5.4.3
Php Php 5.4.1
Php Php 5.4.7
Php Php
Php Php 5.4.4
Php Php 5.5.0
445
VMScore
CVE-2012-5657
The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x prior to 1.11.15 and 1.12.x prior to 1.12.1 allow remote malicious users to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and mem...
Zend Zend Framework 1.11.10
Zend Zend Framework 1.11.11
Zend Zend Framework 1.11.12
Zend Zend Framework 1.11.13
Zend Zend Framework 1.11.2
Zend Zend Framework 1.11.3
Zend Zend Framework 1.11.4
Zend Zend Framework 1.11.5
Zend Zend Framework 1.11.1
Zend Zend Framework 1.11.6
Zend Zend Framework 1.11.8
Zend Zend Framework 1.11.0
Zend Zend Framework 1.11.7
Zend Zend Framework 1.11.9
Zend Zend Framework 1.12.0
445
VMScore
CVE-2012-6532
(1) Zend_Dom, (2) Zend_Feed, (3) Zend_Soap, and (4) Zend_XmlRpc in Zend Framework 1.x prior to 1.11.13 and 1.12.x prior to 1.12.0 allow remote malicious users to cause a denial of service (CPU consumption) via recursive or circular references in an XML entity definition in an XML...
Zend Zend Framework 1.0.4
Zend Zend Framework 1.7.0
Zend Zend Framework 1.7.1
Zend Zend Framework 1.7.8
Zend Zend Framework 1.7.9
Zend Zend Framework 1.9.0
Zend Zend Framework 1.9.1
Zend Zend Framework 1.10.0
Zend Zend Framework 1.10.1
Zend Zend Framework 1.10.8
Zend Zend Framework 1.11.0
Zend Zend Framework 1.5.0
Zend Zend Framework 1.5.1
Zend Zend Framework 1.5.2
Zend Zend Framework 1.7.2
Zend Zend Framework 1.7.3
Zend Zend Framework 1.8.0
Zend Zend Framework 1.8.1
Zend Zend Framework 1.9.2
Zend Zend Framework 1.9.3
Zend Zend Framework 1.9.4
Zend Zend Framework 1.10.2
570
VMScore
CVE-2012-6531
(1) Zend_Dom, (2) Zend_Feed, and (3) Zend_Soap in Zend Framework 1.x prior to 1.11.13 and 1.12.x prior to 1.12.0 do not properly handle SimpleXMLElement classes, which allow remote malicious users to read arbitrary files or create TCP connections via an external entity reference ...
Zend Zend Framework 1.6.0
Zend Zend Framework 1.6.1
Zend Zend Framework 1.6.2
Zend Zend Framework 1.7.0
Zend Zend Framework 1.7.1
Zend Zend Framework 1.8.4
Zend Zend Framework 1.8.5
Zend Zend Framework 1.9.0
Zend Zend Framework 1.9.1
Zend Zend Framework 1.10.6
Zend Zend Framework 1.10.7
Zend Zend Framework 1.10.8
Zend Zend Framework 1.11.0
Zend Zend Framework 1.12.0
Zend Zend Framework 1.5.0
Zend Zend Framework 1.5.2
Zend Zend Framework 1.7.2
Zend Zend Framework 1.7.4
Zend Zend Framework 1.8.1
Zend Zend Framework 1.8.3
Zend Zend Framework 1.9.2
Zend Zend Framework 1.9.4
645
VMScore
CVE-2012-3363
Zend_XmlRpc in Zend Framework 1.x prior to 1.11.12 and 1.12.x prior to 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote malicious users to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-R...
Zend Zend Framework 1.12.0
Zend Zend Framework
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Debian Debian Linux 6.0
1 EDB exploit
605
VMScore
CVE-2012-5382
Untrusted search path vulnerability in the installation functionality in Zend Server 5.6.0 SP4, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Zend\ZendServer\share\ZendFramework\bin directory, which may ...
Zend Zend Server 5.6.0
1 EDB exploit
445
VMScore
CVE-2011-3825
Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files.
Zend Framework 1.11.3
Zend Server 5.1.0
561
VMScore
CVE-2011-0441
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/.
Php Php 5.3.5
435
VMScore
CVE-2011-0708
exif.c in the Exif extension in PHP prior to 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote malicious users to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
Php Php 4.0.2
Php Php 4.0.3
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.2.13
Php Php 5.2.11
Php Php 5.2.14
1 EDB exploit
383
VMScore
CVE-2011-1464
Buffer overflow in the strval function in PHP prior to 5.3.6, when the precision configuration option has a large value, might allow context-dependent malicious users to cause a denial of service (application crash) via a small numerical value in the argument.
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.14
Php Php 5.2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »