15 matches found
EUVD-2023-56220
Malicious code in bioql PyPI...
BIT-LIBPHP-2023-0662 DoS vulnerability when parsing multipart request body
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...
BIT-LIBPHP-2023-0568 Array overrun in common path resolve code
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to the system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with a NUL value,...
WordPress plugin ActiveCampaign Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...
OPENSUSE-SU-2024:12711-1 php8-8.1.16-1.1 on GA media
These are all security issues fixed in the php8-8.1.16-1.1 package on the GA media of openSUSE Tumbleweed...
WordPress plugin Quiz And Survey Master Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security vulnerability...
PT-2024-14163 · Expresstech · Expresstech Quiz/Survey Master
Name of the Vulnerable Software and Affected Versions: ExpressTech Quiz And Survey Master versions 8.1.16 and earlier Description: The issue is related to a Missing Authorization vulnerability in ExpressTech Quiz And Survey Master. Recommendations: For ExpressTech Quiz And Survey Master versions...
WordPress Quiz And Survey Master Plugin <= 8.1.16 is vulnerable to Broken Access Control
Software: Quiz And Survey Master; Type: Plugin; Vulnerable versions: <= 8.1.16; Fixed in: 8.1.17; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-51507; Patch priority: Low; CVSS severity: Low 5.3; PSID: a01b6a13b8b9; Credits: Revan Arifio; Require...
Amazon Linux 2 : php (ALASPHP8.1-2023-002)
The version of php installed on the remote host is prior to 8.1.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.1-2023-002 advisory. 2023-09-14: CVE-2023-0568 was added to this advisory. In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before...
Tenable SecurityCenter 5.22.0 / 5.23.1 / 6.0.0 Multiple Vulnerabilities (TNS-2023-18)
According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is running 5.22.0 or 5.23.1 or 6.0.0 and is therefore affected by multiple vulnerabilities in PHP prior to version 8.0.28 / 8.1.16 / 8.2.3: - In PHP 8.0.X before 8.0.28, 8.1.X before...
CVE-2023-0568 affecting package php for versions less than 8.1.16-1
CVE-2023-0568 affecting package php for versions less than 8.1.16-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-0567 affecting package php for versions less than 8.1.16-1
CVE-2023-0567 affecting package php for versions less than 8.1.16-1. An upgraded version of the package is available that resolves this issue...
AZL-13605 CVE-2023-0662 affecting package php for versions less than 8.1.16-1
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...
CVE-2023-0568
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to the system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with a NUL value,...
PHP 8.1.x < 8.1.16
The version of PHP installed on the remote host is prior to 8.1.16. It is, therefore, affected by a vulnerability as referenced in the Version 8.1.16 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high...