PHP up to 7.3.32/7.4.25/8.0.12 XML Parser simplexml_load_file null termination

A vulnerability classified as problematic has been found in PHP up to 7.3.32/7.4.25/8.0.12 (Programming Language Software). Affected is the function simplexml_load_file of the component XML Parser. Upgrading to version 7.3.33, 7.4.26 or 8.0.13 eliminates this vulnerability.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-37397 : YUGABYTEDB 2.6.1 LDAP AUTHENTICATION CONFIG

CVE-2022-37397 : YUGABYTEDB 2.6.1 LDAP AUTHENTICATION CONFIG

Description An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When

CVE-2022-28750 : ZOOM ON-PREMISE MEETING CONNECTOR ZONE CONTROLLER PRIOR 4.8.20220419.112 STUN ERROR CODE STACK-BASED OVERFLOW

CVE-2022-28750 : ZOOM ON-PREMISE MEETING CONNECTOR ZONE CONTROLLER PRIOR 4.8.20220419.112 STUN ERROR CODE STACK-BASED OVERFLOW

Description Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can

CVE-2022-2756 : KAREADITA KAVITA UP TO 0.5.4.0 SERVER-SIDE REQUEST FORGERY

CVE-2022-2756 : KAREADITA KAVITA UP TO 0.5.4.0 SERVER-SIDE REQUEST FORGERY

Description Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1. References https://huntr.dev/bounties/95e7c181-9d80-4428-aebf-687ac55a9216 https://github.com/kareadita/kavita/commit/9c31f7e7c81b919923cb2e3857439ec0d16243e4 For More Information MITRE