Lucene search
K

48 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 8 : php:7.4 (AXSA:2024-9405:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9405:01 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing...

9.8CVSS8AI score0.49336EPSS
Exploits13References12
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.9 views

TencentOS Server 3: php:8.2 (TSSA-2024:1122)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1122 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7.6AI score0.3786EPSS
Exploits5References7
Oracle linux
Oracle linux
added 2025/05/22 12:0 a.m.17 views

php security update

8.0.30-3 - Fix libxml streams use wrong content-type header when requesting a redirected resource CVE-2025-1219 - Fix Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes CVE-2025-1861 - Fix Streams HTTP...

6.3CVSS8.5AI score0.49336EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.9 views

RHEL 9 : php (RHSA-2025:7315)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7315 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...

8.2CVSS7.6AI score0.49336EPSS
Exploits10References23
Circl
Circl
added 2025/02/22 7:21 p.m.5 views

CVE-2024-5458

creationtimestamp| type| source ---|---|--- 2025-02-22 19:21:29+00:00| seen| Telegram/m0mVz8qFB9qlISngYPlyPRRJ1Hle5f9hkKLn1fbjn2mkiyKRFA 2025-03-14 14:45:11+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7557...

5.3CVSS6.3AI score0.12117EPSS
Exploits1References1
OSV
OSV
added 2024/12/19 4:19 a.m.25 views

RLSA-2024:10949 Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS6.8AI score0.3786EPSS
Exploits5References7
OSV
OSV
added 2024/12/19 4:19 a.m.34 views

RLSA-2024:10950 Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS6.8AI score0.3786EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.22 views

AlmaLinux 8 : php:7.4 (ALSA-2024:10952)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10952 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing erro...

9.8CVSS7.8AI score0.49336EPSS
Exploits13References13
Tenable Nessus
Tenable Nessus
added 2024/12/13 12:0 a.m.23 views

Oracle Linux 8 : php:7.4 (ELSA-2024-10952)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10952 advisory. - Fix cgi.forceredirect configuration is bypassable due to the environment variable collision CVE-2024-8927 - Fix Logs from childrens may be altered...

9.8CVSS7.7AI score0.49336EPSS
Exploits13References12
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.23 views

RHEL 9 : php:8.2 (RHSA-2024:10949)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10949 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...

7.5CVSS7.2AI score0.49336EPSS
Exploits7References16
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.24 views

RHEL 9 : php:8.1 (RHSA-2024:10950)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10950 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...

7.5CVSS7.2AI score0.49336EPSS
Exploits7References15
OSV
OSV
added 2024/12/11 12:0 a.m.21 views

ALSA-2024:10951 Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS6.7AI score0.49336EPSS
Exploits7References14
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.20 views

RHEL 8 : php:7.4 (RHSA-2024:10952)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10952 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common...

9.8CVSS7.9AI score0.49336EPSS
Exploits13References26
Tenable Nessus
Tenable Nessus
added 2024/10/14 12:0 a.m.26 views

Debian dla-3920 : libapache2-mod-php7.4 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3920 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3920-1 [email protected]...

7.5CVSS7.5AI score0.12117EPSS
Exploits5References14
Tenable Nessus
Tenable Nessus
added 2024/09/06 12:0 a.m.26 views

Tenable Security Center Multiple Vulnerabilities (TNS-2024-12)

According to its self-reported version, the Tenable Security Center running on the remote host is . It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-12 advisory. - Security Center leverages third-party software to help provide underlying functionality. One of t...

8.8CVSS7.2AI score0.28807EPSS
Exploits2References4
Amazon
Amazon
added 2024/08/15 12:0 a.m.7 views

Medium: php8.2

Issue Overview: The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/138...

5.9CVSS7.3AI score0.12117EPSS
Exploits2
Amazon
Amazon
added 2024/08/15 12:0 a.m.5 views

Medium: php8.2

Issue Overview: The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/138...

5.9CVSS7.2AI score0.12117EPSS
Exploits2
F5 Networks
F5 Networks
added 2024/08/13 7:2 a.m.30 views

K000140695: PHP vulnerability CVE-2024-5458

Security Advisory Description In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information username ...

5.3CVSS6.6AI score0.12117EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/08/06 12:0 a.m.29 views

Amazon Linux 2023 : php8.2, php8.2-bcmath, php8.2-cli (ALAS2023-2024-678)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-678 advisory. The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that...

5.9CVSS7.3AI score0.12117EPSS
Exploits2References6
CBLMariner
CBLMariner
added 2024/07/24 12:0 a.m.17 views

CVE-2024-5458 affecting package php for versions less than 8.3.8-1

CVE-2024-5458 affecting package php for versions less than 8.3.8-1. An upgraded version of the package is available that resolves this issue...

5.3CVSS6.9AI score0.12117EPSS
Exploits1
Rows per page
Query Builder