75 matches found
MiracleLinux 7 : rh-php73-php-7.3.33-1.el7 (AXSA:2022-3369:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3369:01 advisory. php: password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 php: Local privilege escalation via PHP-FPM CVE-2021-21703...
MiracleLinux 9 : php-8.0.13-2.el9 (AXSA:2022-4033:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4033:02 advisory. php: password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 Tenable has extracted the preceding description block directly from...
MiracleLinux 8 : php:7.4 (AXSA:2022-3752:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3752:01 advisory. php: password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 Tenable has extracted the preceding description block directly from...
MiracleLinux 8 : php:8.0 (AXSA:2022-3754:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3754:01 advisory. php: password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 Tenable has extracted the preceding description block directly from...
Linux Distros Unpatched Vulnerability : CVE-2022-31626
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdomysql extension with mysqlnd driver, if the third party is allowed to...
Important: php
Issue Overview: A vulnerability was found in PHP due to an uninitialized array in pgqueryparams function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw...
[SECURITY] [DLA 3243-1] php7.3 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3243-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 15, 2022 https://wiki.debian.org/LTS -...
Exploit for Classic Buffer Overflow in Php
CVE-2022-31626 In PHP versions 7.4.x below 7.4.30, 8.0.x bel...
SUSE: Security Advisory (SUSE-SU-2022:4068-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:4069-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AlmaLinux 9 : php (ALSA-2022:5904)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:5904 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. T...
SUSE: Security Advisory (SUSE-SU-2022:3997-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
php:7.4 security, bug fix, and enhancement update
libzip 1.6.1-1 - update to 1.6.1 - enable lzma support php 7.4.30-1 - rebase to 7.4.30 2099615 7.4.19-3 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 7.4.19-2 - fix SSRF bypass in FILTERVALIDATEURL CVE-2021-21705 - fix Local privilege escalation via...
EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2022-2582)
According to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying...
Ubuntu: Security Advisory (USN-5479-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : php (EulerOS-SA-2022-2229)
According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters...
Oracle Linux 9 : php (ELSA-2022-5904)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-5904 advisory. 8.0.13-2 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 Tenable has extracted the preceding description block directl...
Important: Red Hat Security Advisory: php security update
An update for php is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
php security update
An update is available for php. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting language commonly used with the Apache HTTP...
php security update
8.0.13-2 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626...