Lucene search
+L

62 matches found

OpenVAS
OpenVAS
added 2020/01/27 12:0 a.m.43 views

openSUSE: Security Advisory for php7 (openSUSE-SU-2020:0080_1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS7AI score0.08818EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2020/01/24 12:0 a.m.56 views

PHP 7.3.x < 7.3.13 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.26, 7.3.x prior to 7.3.13, or 7.4.x prior to 7.4.1. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to imprope...

9.8CVSS7.7AI score0.08818EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2020/01/21 12:0 a.m.60 views

openSUSE Security Update : php7 (openSUSE-2020-80)

This update for php7 fixes the following issues : - CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class bsc1159923. - CVE-2019-11046: Fixed an information leak in bcshiftaddsub bsc1159924. - CVE-2019-11047, CVE-2019-11050: Fixed...

6.5CVSS6.8AI score0.08818EPSS
Exploits3References8
OSV
OSV
added 2020/01/20 9:15 a.m.10 views

OPENSUSE-SU-2020:0080-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class bsc1159923. - CVE-2019-11046: Fixed an information leak in bcshiftaddsub bsc1159924. - CVE-2019-11047, CVE-2019-11050: Fixed...

6.5CVSS6.1AI score0.08818EPSS
Exploits3References9
OpenVAS
OpenVAS
added 2020/01/16 12:0 a.m.71 views

Ubuntu: Security Advisory (USN-4239-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.6AI score0.08818EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2020/01/16 12:0 a.m.45 views

Ubuntu 16.04 LTS / 18.04 LTS : PHP vulnerabilities (USN-4239-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4239-1 advisory. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This...

6.5CVSS7.1AI score0.08818EPSS
Exploits3References5
OSV
OSV
added 2020/01/15 1:21 p.m.4 views

USN-4239-1 php5, php7.0, php7.2, php7.3 vulnerabilities

It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS, 19.04 and 19.10. CVE-2019-11045 It was discovered that PHP incorrectly handled certain inputs. An...

6.5CVSS6.7AI score0.08818EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2020/01/15 12:0 a.m.44 views

SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2020:0101-1)

This update for php7 fixes the following issues : CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class bsc1159923. CVE-2019-11046: Fixed an information leak in bcshiftaddsub bsc1159924. CVE-2019-11047, CVE-2019-11050: Fixed multiple...

6.5CVSS6.8AI score0.08818EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2020/01/10 12:0 a.m.158 views

PHP 7.2.x < 7.2.26 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.26. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to improper handling of embedded \0 byte character a...

7.5CVSS7.4AI score0.08818EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2020/01/10 12:0 a.m.568 views

PHP 7.3.x < 7.3.13 / 7.4.x < 7.4.1 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.13 or 7.4.x prior to 7.4.1. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to improper handling of...

9.8CVSS7.3AI score0.08818EPSS
Exploits5References8
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.280 views

Fedora Update for php FEDORA-2019-a54a622670

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7AI score0.08818EPSS
Exploits5References2
Debian
Debian
added 2019/12/29 10:47 p.m.100 views

[SECURITY] [DLA 2050-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u8 CVE ID : CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050 Several security bugs have been identified and fixed in php5, a server-side, HTML-embedded scripting language. The affected components include the exif module and handling of filenam...

6.5CVSS7.2AI score0.08818EPSS
Exploits3
ALT Linux
ALT Linux
added 2019/12/27 12:0 a.m.130 views

Security fix for the ALT Linux 9 package php7 version 7.3.13-alt1

7.3.13-alt1 built Dec. 27, 2019 Anton Farygin in task 243314 Dec. 20, 2019 Anton Farygin - 7.3.13. Fixes: CVE-2019-11046, CVE-2019-11045, CVE-2019-11049, CVE-2019-11050, CVE-2019-11047...

7.5CVSS6.7AI score0.08818EPSS
Exploits3
CVE
CVE
added 2019/12/23 2:40 a.m.720 views

CVE-2019-11047

The CVE-2019-11047 issue affects the PHP EXIF extension: when parsing EXIF data with exif_read_data(), PHP versions 7.2.x &lt; 7.2.26, 7.3.x

6.5CVSS7AI score0.07473EPSS
Exploits1References13Affected Software1
Cvelist
Cvelist
added 2019/12/23 2:40 a.m.21 views

CVE-2019-11047 Heap-buffer-overflow READ in exif

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure o...

4.8CVSS7.7AI score0.07473EPSS
Exploits1References13
AlpineLinux
AlpineLinux
added 2019/12/23 2:40 a.m.38 views

CVE-2019-11047

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure o...

6.5CVSS7.2AI score0.07473EPSS
Exploits1
ALT Linux
ALT Linux
added 2019/12/20 12:0 a.m.107 views

Security fix for the ALT Linux 10 package php8.0 version 7.3.13-alt1

Dec. 20, 2019 Anton Farygin 7.3.13-alt1 - 7.3.13. Fixes: CVE-2019-11046, CVE-2019-11045, CVE-2019-11049, CVE-2019-11050, CVE-2019-11047...

7.5CVSS9.2AI score0.08818EPSS
Exploits3
ALT Linux
ALT Linux
added 2019/12/20 12:0 a.m.42 views

Security fix for the ALT Linux 10 package php8.1 version 7.3.13-alt1

Dec. 20, 2019 Anton Farygin 7.3.13-alt1 - 7.3.13. Fixes: CVE-2019-11046, CVE-2019-11045, CVE-2019-11049, CVE-2019-11050, CVE-2019-11047...

7.5CVSS9.2AI score0.08818EPSS
Exploits3
OpenVAS
OpenVAS
added 2019/12/19 12:0 a.m.107 views

PHP < 7.2.26 Multiple Vulnerabilities (Dec 2019) - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

6.5CVSS8.3AI score0.08818EPSS
Exploits3References1
NVD
NVD
added 2018/07/24 7:29 p.m.29 views

CVE-2018-11047

Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4.5.7, incorrectly authorizes requests to admin endpoints by accepting a valid refresh token in lieu of an access token. Refresh tokens by design have a longe...

7.5CVSS7.5AI score0.01066EPSS
Exploits0References1
Rows per page
Query Builder