Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zend vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.13
Php Php 5.2.14
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.3.11
Php Php 5.3.12
Php Php 5.3.2
Php Php 5.3.20
Php Php 5.3.27
Php Php 5.3.28
Php Php 5.3.9
Php Php 5.4.0
Php Php 5.4.13
Php Php 5.4.14
Php Php 5.4.19
Php Php 5.4.2
Php Php 5.4.26
9.8
CVSSv3
CVE-2017-5340
Zend/zend_hash.c in PHP prior to 7.0.15 and 7.1.x prior to 7.1.1 mishandles certain cases that require large array allocations, which allows remote malicious users to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of ar...
Php Php
Netapp Clustered Data Ontap -
9.8
CVSSv3
CVE-2016-10033
The mailSend function in the isMail transport in PHPMailer prior to 5.2.18 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
9 EDB exploits
117 Github repositories
9.8
CVSSv3
CVE-2016-10034
The setFrom function in the Sendmail adapter in the zend-mail component prior to 2.4.11, 2.5.x, 2.6.x, and 2.7.x prior to 2.7.2, and Zend Framework prior to 2.4.11 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary c...
Zend Zend Framework
Zend Zend-mail 2.6.2
Zend Zend-mail 2.7.0
Zend Zend-mail 2.7.1
Zend Zend-mail 2.5.0
Zend Zend-mail
Zend Zend-mail 2.6.0
Zend Zend-mail 2.6.1
Zend Zend-mail 2.5.1
Zend Zend-mail 2.5.2
3 EDB exploits
3 Github repositories
9.8
CVSSv3
CVE-2016-10045
The isMail transport in PHPMailer prior to 5.2.20 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the ...
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
3 EDB exploits
89 Github repositories
9.8
CVSSv3
CVE-2016-10074
The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer prior to 5.4.5 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted e-mail address in the ...
Swiftmailer Swiftmailer
3 EDB exploits
3 Github repositories
1 Article
9.8
CVSSv3
CVE-2015-7695
The PDO adapters in Zend Framework prior to 1.12.16 do not filer null bytes in SQL statements, which allows remote malicious users to execute arbitrary SQL commands via a crafted query.
Zend Zend Framework
Debian Debian Linux 7.0
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2015-5723
Doctrine Annotations prior to 1.2.7, Cache prior to 1.3.2 and 1.4.x prior to 1.4.2, Common prior to 2.4.3 and 2.5.x prior to 2.5.1, ORM prior to 2.4.8 or 2.5.x prior to 2.5.1, MongoDB ODM prior to 1.0.2, and MongoDB ODM Bundle prior to 3.0.1 use world-writable permissions for cac...
Zend Zend-cache 2.5.1
Zend Zend-cache 2.5.0
Zend Zend-cache 2.5.2
Zend Zend-cache
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Doctrine-project Object Relational Mapper 2.5.0
Doctrine-project Object Relational Mapper
Doctrine-project Doctrinemongodbbundle 3.0.0
Zend Zend Framework
Doctrine-project Common
Doctrine-project Common 2.5.0
Doctrine-project Annotations
Doctrine-project Mongodb-odm
Doctrine-project Cache 1.4.0
Doctrine-project Cache 1.4.1
Doctrine-project Cache
Zend Zf-apigility-doctrine
1 Github repository
9.8
CVSSv3
CVE-2015-8617
Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.x prior to 7.0.1 allows remote malicious users to execute arbitrary code via format string specifiers in a string that is misused as a class name, leading to incorrect error handli...
Php Php 7.0.1
1 EDB exploit
NA
CVE-2015-5161
The Zend_Xml_Security::scan in ZendXml prior to 1.0.1 and Zend Framework prior to 1.12.14, 2.x prior to 2.4.6, and 2.5.x prior to 2.5.2, when running under PHP-FPM in a threaded environment, allows remote malicious users to bypass security checks and conduct XML external entity (...
Zend Zend Framework 1.0.0
Zend Zend Framework 1.5.0
Zend Zend Framework 1.5.1
Zend Zend Framework 1.6.1
Zend Zend Framework 1.6.2
Zend Zend Framework 1.7.3
Zend Zend Framework 1.7.4
Zend Zend Framework 1.8.0
Zend Zend Framework 1.8.1
Zend Zend Framework 1.9.0
Zend Zend Framework 1.9.5
Zend Zend Framework 1.9.6
Zend Zend Framework 1.10.2
Zend Zend Framework 1.10.3
Zend Zend Framework 1.11.0
Zend Zend Framework 1.11.6
Zend Zend Framework 1.11.7
Zend Zend Framework 1.11.8
Zend Zend Framework 1.12.0
Zend Zend Framework 1.12.5
Zend Zend Framework 1.12.6
Zend Zend Framework 2.0.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »