Lucene search
K

27 matches found

OSV
OSV
added 2014/06/23 12:5 p.m.3 views

USN-2254-1 php5 vulnerabilities

Christian Hoffmann discovered that the PHP FastCGI Process Manager FPM set incorrect permissions on the UNIX socket. A local attacker could use this issue to possibly elevate their privileges. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. CVE-2014-0185 Francisco...

7.2CVSS7.4AI score0.20805EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2014/05/08 12:0 a.m.35 views

PHP 5.4.x < 5.4.27, 5.5.x < 5.5.12 Privilege Escalation Vulnerability

PHP is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

7.2CVSS8.8AI score0.00505EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2014/05/05 12:0 a.m.72 views

PHP 5.5.x < 5.5.12 FPM Unix Socket Insecure Permission Escalation

According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.12. It is, therefore, potentially affected by a permission escalation vulnerability. A flaw exists within the FastCGI Process Manager FPM when setting permissions for a Unix socket. This could...

7.2CVSS8.1AI score0.00505EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2014/05/05 12:0 a.m.35 views

PHP 5.4.x < 5.4.28 FPM Unix Socket Insecure Permission Escalation

According to its banner, the version of PHP 5.4.x installed on the remote host is a version prior to 5.4.28. It is, therefore, potentially affected by a permission escalation vulnerability. A flaw exists within the FastCGI Process Manager FPM when setting permissions for a Unix socket. This could...

7.2CVSS8.1AI score0.00505EPSS
Exploits1References4
Oracle linux
Oracle linux
added 2013/02/27 12:0 a.m.62 views

php security, bug fix and enhancement update

5.3.3-22 - php-xml provides php-xmlreader and php-xmlwriter 874987 - fix possible NULL derefence and buffer overflow 879179 - fix zend garbage collector 848186, 868375 5.3.3-21 - fix CVE reference in previous changelog entry 5.3.3-20 - remove reproducer from security fix for CVE-2012-0781 5.3.3-1...

10CVSS0.1AI score0.10768EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2011/03/18 12:0 a.m.88 views

PHP 5.3 < 5.3.6 Multiple Vulnerabilities

According to its banner, the version of PHP 5.3.x installed on the remote host is older than 5.3.6. - A NULL pointer can be dereferenced in the function 'zipnamelocate' when processing empty archives and can lead to application crashes or code execution. Exploitation requires the...

7.5CVSS8.9AI score0.17881EPSS
Exploits25References23
The Hacker News
The Hacker News
added 2011/03/17 6:9 p.m.35 views

PHP 5.3.6 closes five security holes !

The PHP developers have released PHP 5.3.6, a maintenance update to the PHP interpreter. Among over 60 bug fixes are a number of fixes for security related problems. A format string vulnerability in the phar extension of PHP 5.3.5, CVE-2011-1153, may allow attackers to view memory, cause a denial...

7.5CVSS7.8AI score0.17881EPSS
Exploits5
Rows per page
Query Builder