Max CVSS 10.0 Min CVSS 1.9 Total Count86
IDCVSSSummaryLast (major) updatePublished
CVE-2016-9603 9.0
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged
27-07-2018 - 17:29 27-07-2018 - 17:29
CVE-2017-7526 4.3
libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 w
26-07-2018 - 09:29 26-07-2018 - 09:29
CVE-2016-9063 7.5
An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-2839 4.3
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attac
24-04-2018 - 15:29 24-04-2018 - 15:29
CVE-2017-2838 4.3
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attac
24-04-2018 - 15:29 24-04-2018 - 15:29
CVE-2017-2837 4.3
An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker
24-04-2018 - 15:29 24-04-2018 - 15:29
CVE-2017-2836 4.3
An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condit
24-04-2018 - 15:29 24-04-2018 - 15:29
CVE-2017-2835 6.8
An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromi
24-04-2018 - 15:29 24-04-2018 - 15:29
CVE-2017-2834 6.8
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compr
24-04-2018 - 15:29 24-04-2018 - 15:29
CVE-2017-9269 7.5
In libzypp before August 2018 GPG keys attached to YUM repositories were not correctly pinned, allowing malicious repository mirrors to silently downgrade to unsigned repositories with potential malicious content.
01-03-2018 - 15:29 01-03-2018 - 15:29
CVE-2017-7436 9.3
In libzypp before 20170803 it was possible to retrieve unsigned packages without a warning to the user which could lead to man in the middle or malicious servers to inject malicious RPM packages into a users system.
01-03-2018 - 15:29 01-03-2018 - 15:29
CVE-2017-7435 9.3
In libzypp before 20170803 it was possible to add unsigned YUM repositories without warning to the user that could lead to man in the middle or malicious servers to inject malicious RPM packages into a users system.
01-03-2018 - 15:29 01-03-2018 - 15:29
CVE-2017-8994 7.5
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
10-10-2017 - 17:29 10-10-2017 - 17:29
CVE-2017-1000117 6.8
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-1000116 10.0
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-1000115 5.0
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-1000112 6.9
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-1000111 7.2
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-9804 5.0
In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when perfor
20-09-2017 - 13:29 20-09-2017 - 13:29
CVE-2017-9793 5.0
The REST Plugin in Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload.
20-09-2017 - 13:29 20-09-2017 - 13:29
CVE-2017-12611 7.5
In Apache Struts 2.0.1 through 2.3.33 and 2.5 through 2.5.10, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.
20-09-2017 - 13:29 20-09-2017 - 13:29
CVE-2017-9805 6.8
The REST Plugin in Apache Struts 2.1.2 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing X
15-09-2017 - 15:29 15-09-2017 - 15:29
CVE-2017-6362 5.0
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
07-09-2017 - 09:29 07-09-2017 - 09:29
CVE-2017-12133 4.3
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
07-09-2017 - 09:29 07-09-2017 - 09:29
CVE-2017-2870 6.8
An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send
05-09-2017 - 14:29 05-09-2017 - 14:29
CVE-2017-2862 6.8
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file
05-09-2017 - 14:29 05-09-2017 - 14:29
CVE-2017-14100 7.5
In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized command execution is possible. The app_minivm module has an "externnotify" program c
02-09-2017 - 12:29 02-09-2017 - 12:29
CVE-2017-14099 5.0
In res/res_rtp_asterisk.c in Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized data disclosure (media takeover in the RTP stack) is possi
02-09-2017 - 12:29 02-09-2017 - 12:29
CVE-2017-14098 5.0
In the pjsip channel driver (res_pjsip) in Asterisk 13.x before 13.17.1 and 14.x before 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash.
02-09-2017 - 12:29 02-09-2017 - 12:29
CVE-2017-14106 4.9
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code pat
01-09-2017 - 12:29 01-09-2017 - 12:29
CVE-2017-14062 7.5
Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.
31-08-2017 - 12:29 31-08-2017 - 12:29
CVE-2017-14061 7.5
Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.
31-08-2017 - 12:29 31-08-2017 - 12:29
CVE-2017-14032 6.8
ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as Pol
30-08-2017 - 16:29 30-08-2017 - 16:29
CVE-2017-13767 7.8
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.
30-08-2017 - 05:29 30-08-2017 - 05:29
CVE-2017-13766 5.0
In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.
30-08-2017 - 05:29 30-08-2017 - 05:29
CVE-2017-13765 5.0
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation.
30-08-2017 - 05:29 30-08-2017 - 05:29
CVE-2017-13744 4.3
There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13742 4.3
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function includeFile() in compileTranslationTable.c, that will lead to a remote denial of service attack.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13740 6.8
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13739 6.8
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code executi
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-13738 6.8
There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0.
29-08-2017 - 02:29 29-08-2017 - 02:29
CVE-2017-12137 7.2
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
24-08-2017 - 10:29 24-08-2017 - 10:29
CVE-2017-12136 6.9
Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling
24-08-2017 - 10:29 24-08-2017 - 10:29
CVE-2017-12135 4.6
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
24-08-2017 - 10:29 24-08-2017 - 10:29
CVE-2017-12982 4.3
The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocation failure) in the opj_image_create function in lib
21-08-2017 - 03:29 21-08-2017 - 03:29
CVE-2017-10661 7.6
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel q
19-08-2017 - 14:29 19-08-2017 - 14:29
CVE-2017-12961 5.0
There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
18-08-2017 - 17:29 18-08-2017 - 17:29
CVE-2017-12960 5.0
There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
18-08-2017 - 17:29 18-08-2017 - 17:29
CVE-2017-12959 5.0
There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack.
18-08-2017 - 17:29 18-08-2017 - 17:29
CVE-2017-12958 5.0
There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
18-08-2017 - 17:29 18-08-2017 - 17:29
CVE-2017-11185 5.0
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
18-08-2017 - 13:29 18-08-2017 - 13:29
CVE-2017-12855 2.1
Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in
15-08-2017 - 12:29 15-08-2017 - 12:29
CVE-2017-7890 4.3
The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitia
02-08-2017 - 15:29 02-08-2017 - 15:29
CVE-2017-11334 2.1
The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest
02-08-2017 - 15:29 02-08-2017 - 15:29
CVE-2017-10664 5.0
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
02-08-2017 - 15:29 02-08-2017 - 15:29
CVE-2017-11628 6.8
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant
25-07-2017 - 19:29 25-07-2017 - 19:29
CVE-2017-9233 5.0
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.
25-07-2017 - 16:29 25-07-2017 - 16:29
CVE-2017-11434 2.1
The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string.
25-07-2017 - 14:29 25-07-2017 - 14:29
CVE-2017-7541 7.2
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a
25-07-2017 - 00:29 25-07-2017 - 00:29
CVE-2017-11577 6.8
FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11576 4.3
FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11575 6.8
FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (char.c) resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11574 6.8
FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset (parsettf.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11572 6.8
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11571 6.8
FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11569 6.8
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-11568 6.8
FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines (psread.c) resulting in DoS or code execution via a crafted otf file.
23-07-2017 - 18:29 23-07-2017 - 18:29
CVE-2017-7542 4.9
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.
21-07-2017 - 12:29 21-07-2017 - 12:29
CVE-2017-11176 7.2
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possi
11-07-2017 - 19:29 11-07-2017 - 19:29
CVE-2017-11147 6.4
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile fu
10-07-2017 - 10:29 10-07-2017 - 10:29
CVE-2017-11146 None
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not an independently fixable security issue relative to CVE-2017-11145. Notes: none.
10-07-2017 - 10:29 10-07-2017 - 10:29
CVE-2017-11145 5.0
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/p
10-07-2017 - 10:29 10-07-2017 - 10:29
CVE-2017-11144 5.0
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation c
10-07-2017 - 10:29 10-07-2017 - 10:29
CVE-2017-11142 7.8
In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.
10-07-2017 - 10:29 10-07-2017 - 10:29
CVE-2016-10397 5.0
In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.c
10-07-2017 - 10:29 10-07-2017 - 10:29
CVE-2017-9524 5.0
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initi
06-07-2017 - 12:29 06-07-2017 - 12:29
CVE-2017-10792 4.3
There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input
01-07-2017 - 23:29 01-07-2017 - 23:29
CVE-2017-10791 4.3
There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead
01-07-2017 - 23:29 01-07-2017 - 23:29
CVE-2017-2292 7.5
Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppe
30-06-2017 - 16:29 30-06-2017 - 16:29
CVE-2017-9776 6.8
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
22-06-2017 - 17:29 22-06-2017 - 17:29
CVE-2017-9775 4.3
Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.
22-06-2017 - 17:29 22-06-2017 - 17:29
CVE-2017-9330 1.9
QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.
08-06-2017 - 12:29 08-06-2017 - 12:29
CVE-2017-9469 5.0
In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause a crash.
06-06-2017 - 21:29 06-06-2017 - 21:29
CVE-2017-9468 5.0
In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Thus, remote IRC servers can cause a crash.
06-06-2017 - 21:29 06-06-2017 - 21:29
CVE-2017-9462 9.0
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.
06-06-2017 - 17:29 06-06-2017 - 17:29
CVE-2016-5766 6.8
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based
19-02-2017 - 01:21 07-08-2016 - 06:59
Back to Top Mark selected
Back to Top