Lucene search
+L

145 matches found

nessus
nessus
added 2020/04/29 12:0 a.m.135 views

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4342-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4342-1 advisory. Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address...

7.5CVSS7.5AI score0.0415EPSS
Exploits2References8
nessus
nessus
added 2020/03/09 12:0 a.m.31 views

Debian DSA-4342-1 : chromium-browser - security update

Description not provided by Debian for this vulnerability. For further details on the vulnerability, contact Debian. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4342. The text itself is copyright C Softwa...

8.8CVSS9.3AI score0.00895EPSS
Exploits0References4
openvas
openvas
added 2020/01/23 12:0 a.m.47 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2017-1067)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.42401EPSS
Exploits14References2
openvas
openvas
added 2020/01/23 12:0 a.m.45 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2017-1068)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.42401EPSS
Exploits14References2
osv
osv
added 2019/09/17 7:15 p.m.3 views

CVE-2019-4342

IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 161421...

5.4CVSS5.9AI score0.00987EPSS
Exploits0References3
cve
cve
added 2019/09/17 7:5 p.m.85 views

CVE-2019-4342

CVE-2019-4342 affects IBM Cognos Analytics 11.0 and 11.1. The vulnerability is a cross-site scripting flaw in the Web UI that could let an attacker embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Exploitation status is not provided in the docume...

5.4CVSS5.6AI score0.00987EPSS
Exploits0References3Affected Software1
veracode
veracode
added 2019/05/02 6:2 a.m.59 views

Stack-Based Buffer Overflow

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

9.8CVSS9AI score0.36974EPSS
Exploits78References17Affected Software3
veracode
veracode
added 2019/05/02 6:2 a.m.53 views

Out-Of-Bounds Read

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

9.8CVSS9AI score0.36974EPSS
Exploits78References16Affected Software3
veracode
veracode
added 2019/05/02 6:2 a.m.49 views

Denial Of Service (DoS) Through Memory Corruption

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

9.8CVSS9AI score0.36974EPSS
Exploits78References16Affected Software3
veracode
veracode
added 2019/05/02 6:2 a.m.57 views

Arbitrary Code Execution

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

9.8CVSS9AI score0.36974EPSS
Exploits78References15Affected Software3
veracode
veracode
added 2019/05/02 6:2 a.m.57 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

9.8CVSS9AI score0.36974EPSS
Exploits78References19Affected Software3
veracode
veracode
added 2019/05/02 6:2 a.m.55 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

9.8CVSS9AI score0.36974EPSS
Exploits78References6Affected Software3
nvd
nvd
added 2019/04/03 6:29 p.m.20 views

CVE-2018-4342

A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14.1...

5.5CVSS5AI score0.00301EPSS
Exploits0References1
cve
cve
added 2019/04/03 5:43 p.m.78 views

CVE-2018-4342

CVE-2018-4342 is tied to macOS and was fixed in macOS Mojave 10.14.1. The available description indicates a configuration issue that could be mitigated by applying the 10.14.1 Security Update, which adds restrictions and addresses the vulnerability. Affected context in the provided materials cent...

5.5CVSS5.8AI score0.00301EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2019/01/02 12:0 a.m.75 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2016:1504-1)

This update for php5 fixes the following issues : Security issues fixed : - CVE-2016-4346: heap overflow in ext/standard/string.c bsc977994 - CVE-2016-4342: heap corruption in tar/zip/phar parser bsc977991 - CVE-2016-4537, CVE-2016-4538: bcpowmod accepts negative scale causing heap buffer overflo...

9.8CVSS8.1AI score0.12179EPSS
Exploits14References36
cvelist
cvelist
added 2018/03/16 2:4 p.m.10 views

CVE-2017-4342

...

Exploits0
cve
cve
added 2018/03/16 2:4 p.m.22 views

CVE-2017-4342

CVE-2017-4342 is rejected/not used as stated in the Initial Description.

7.3AI score
Exploits0
openvas
openvas
added 2018/01/04 12:0 a.m.47 views

Debian: Security Advisory (DLA-818-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8AI score0.35438EPSS
Exploits4References3
debian
debian
added 2017/02/07 4:25 p.m.76 views

[SECURITY] [DLA 818-1] php5 security update

Package : php5 Version : 5.4.45-0+deb7u7 CVE ID : CVE-2016-2554 CVE-2016-3141 CVE-2016-3142 CVE-2016-4342 CVE-2016-9934 CVE-2016-9935 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 PHP-Bugs : 71323 70979 71039 71459 71391 71335 Several issues have been discovered in PHP recursive...

10CVSS7.5AI score0.35438EPSS
Exploits3
seebug
seebug
added 2016/11/18 12:0 a.m.112 views

PHP 'ext/phar/phar_object. c' heap overflow vulnerability, CVE-2016-4342)

Parse . tar/. zip/. phar file, the stack boundary condition control is not strict, leading to possible heap overflow. Create a new empty file"aaaa"0 byte, packaged into a "aaaa. tar"file is not compressed before the aaaa file size is 0 it. By PharFileInfo object getContent method to get the aaaa...

8.3CVSS7.7AI score0.05345EPSS
Exploits2
Rows per page
Query Builder