47 matches found
MiracleLinux 8 : php:7.4 (AXSA:2024-9405:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9405:01 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing...
MiracleLinux 8 : php:8.0 (AXSA:2023-6531:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6531:01 advisory. php: XML loading external entity without being enabled CVE-2023-3823 php: phar Buffer mismanagement CVE-2023-3824 php: 1-byte array overrun in commo...
CVE-2023-3824 affecting package php for versions less than 8.2.8-1
CVE-2023-3824 affecting package php for versions less than 8.2.8-1. A patched version of the package is available...
Important: php
Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. Octal numbers larger than 0xff are not handled correctly i...
AlmaLinux 8 : php:7.4 (ALSA-2024:10952)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10952 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing erro...
CLSA-2024-1734368090 php: Fix of CVE-2023-3824
CVE-2023-3824: Update length checking in PHAR directory entries reading to prevent stack buffer overflow and potential memory corruption or RCE...
Oracle Linux 8 : php:7.4 (ELSA-2024-10952)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10952 advisory. - Fix cgi.forceredirect configuration is bypassable due to the environment variable collision CVE-2024-8927 - Fix Logs from childrens may be altered...
RHEL 8 : php:7.4 (RHSA-2024:10952)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10952 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common...
Ubuntu 16.04 LTS / 18.04 LTS : PHP regression (USN-6305-3)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6305-3 advisory. USN-6305-2 fixed a vulnerability in PHP. The update caused a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fix it. Tenable has...
RHEL 8 : php (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php: Out of bounds access in phppcre.c:phppcrereplaceimpl CVE-2017-9118 - php: 1-byte array overrun in...
[SECURITY] [DSA 5660-1] php7.4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5660-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 15, 2024 https://www.debian.org/security/faq -...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Php
PHP Malicious Phar File PoC CVE-2023-3824 Description T...
openSUSE: Security Advisory for php7 (SUSE-SU-2023:3541-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for php7 (SUSE-SU-2023:3528-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for php7 (SUSE-SU-2023:3498-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6305-2: PHP vulnerabilities
USN-6305-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to...
LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid
Update: The U.K. National Crime Agency NCA has confirmed the takedown of LockBit infrastructure. Read here for more details. An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the...
RLSA-2024:0387 Moderate: php:8.1 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS vulnerability when parsing multipart request body CVE-2023-0662 php: Missing error check and insufficient random bytes...
Moderate: Red Hat Security Advisory: php:8.1 security update
An update for the php:8.1 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
ALSA-2024:0387 Moderate: php:8.1 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS vulnerability when parsing multipart request body CVE-2023-0662 php: Missing error check and insufficient random bytes...