MiracleLinux 8 : php:7.4 (AXSA:2024-9405:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9405:01 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing...

Medium: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick's Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family...

ECHO-3096-1F46-4FF4

Bulletin has no description...

CVE-2015-3096

creationtimestamp| type| source ---|---|--- 2025-08-31 03:01:20+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...

CVE-2024-3096 affecting package php for versions less than 8.3.6-1

CVE-2024-3096 affecting package php for versions less than 8.3.6-1. A patched version of the package is available...

TencentOS Server 4: php (TSSA-2025:0004)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0004 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 3: php:8.2 (TSSA-2024:1122)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1122 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2022-3096

The WP Total Hacks WordPress plugin through 4.7.2 does not prevent low privilege users from modifying the plugin's settings. This could allow users such as subscribers to perform Stored Cross-Site Scripting attacks against other users, like administrators, due to the lack of sanitisation and...

CVE-2013-3096

D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability...

php security update

8.0.30-3 - Fix libxml streams use wrong content-type header when requesting a redirected resource CVE-2025-1219 - Fix Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes CVE-2025-1861 - Fix Streams HTTP...

RHEL 9 : php (RHSA-2025:7315)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7315 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...

CVE-2022-3096

creationtimestamp| type| source ---|---|--- 2025-05-06 16:22:05+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15162...

CVE-2025-3096

Clinic’s Patient Management System versions 2.0 suffers from a SQL injection vulnerability in the login page...

CVE-2025-3096

creationtimestamp| type| source ---|---|--- 2025-04-01 19:40:22+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3llrmukp5dy2s 2025-04-01 22:15:40+00:00| seen| https://t.me/cvedetector/21798 2025-05-21 15:50:12+00:00| seen|...

RHEL 9 : kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 (RHSA-2025:3096)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3096 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module i...

CLSA-2024-1735161696 php: Fix of 3 CVEs

CVE-2024-2756: Fix issue introduced by incomplete fix of CVE-2022-31629 to prevent network and same-site attackers from setting insecure cookies in victim's browser - CVE-2024-3096: Fix issue where passwordverify incorrectly returns true when testing a blank string with password starting with a...

RLSA-2024:10950 Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

RLSA-2024:10949 Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

AlmaLinux 8 : php:7.4 (ALSA-2024:10952)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10952 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing erro...

Oracle Linux 8 : php:7.4 (ELSA-2024-10952)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10952 advisory. - Fix cgi.forceredirect configuration is bypassable due to the environment variable collision CVE-2024-8927 - Fix Logs from childrens may be altered...