1250 matches found

BDU FSTEC
added 2022/04/27 12:0 a.m. · 0 views

The vulnerability of the file_exists function in the PHP programming language allows attackers to circumvent existing security restrictions.

The vulnerability of the file_exists function in the PHP programming language exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to bypass existing security restrictions remotely...

5 CVSS · 0.02287 EPSS
Exploits 2 · References 27 · Affected Software 4

BDU FSTEC
added 2022/04/27 12:0 a.m. · 0 views

The vulnerability of the PDORow implementation in the PHP programming language interpreter allows attackers to trigger a service failure.

The vulnerability of the PDORow implementation in the PHP programming language exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

5 CVSS · 0.05037 EPSS
Exploits 0 · References 7 · Affected Software 3

BDU FSTEC
added 2022/04/25 12:0 a.m. · 1 views

The vulnerability of the ext/phar/tar.c component of the PHP programming language interpreter allows an attacker to trigger a service failure or possibly cause other adverse effects.

The vulnerability of the ext/phar/tar.c component in the PHP programming language arises due to a buffer overflow. Exploiting this vulnerability can allow an attacker to cause service interruptions or potentially have other effects using a specially created .TAR archive...

10 CVSS · 8 AI score · 0.10282 EPSS
Exploits 1 · References 11 · Affected Software 3

BDU FSTEC
added 2022/04/25 12:0 a.m. · 0 views

The vulnerability of the mcrypt extension in the PHP programming language interpreter allows a hacker to trigger a service failure or possibly cause other effects.

The vulnerability of the mcrypt extension in the PHP programming language interpreter is caused by a numerical overflow condition. Exploiting this vulnerability could allow an attacker to cause service failures or potentially have other adverse effects...

10 CVSS · 7.8 AI score · 0.0615 EPSS
Exploits 0 · References 14 · Affected Software 3

BDU FSTEC
added 2022/04/25 12:0 a.m. · 0 views

The vulnerability of the phar_parse_pharfile function in the PHP programming language allows a hacker to trigger a service failure.

The vulnerability of the phar_parse_pharfile function in the PHP programming language is caused by a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause service interruptions...

7.8 CVSS · 6.9 AI score · 0.14189 EPSS
Exploits 0 · References 12 · Affected Software 3

BDU FSTEC
added 2022/04/25 12:0 a.m. · 0 views

The vulnerability of the phar_parse_zipfile function in the PHP programming language allows a hacker to trigger a service failure.

The vulnerability of the phar_parse_zipfile function in ext/phar/zip.c in the PHP programming language is related to errors in number processing. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

6.8 CVSS · 7.5 AI score · 0.18271 EPSS
Exploits 0 · References 13 · Affected Software 4

BDU FSTEC
added 2022/04/25 12:0 a.m. · 1 views

The vulnerability of the php_zip.c component of the PHP programming language interpreter allows an attacker to execute arbitrary PHP code or cause a service failure.

The vulnerability of the php_zip.c component of the PHP programming language interpreter relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary PHP code or cause a service failure by using specially created serialized data containing a...

10 CVSS · 8.1 AI score · 0.16127 EPSS
Exploits 5 · References 13 · Affected Software 3

OSV
added 2022/04/21 9:18 p.m. · 2 views

CLSA-2022-1650575892 Update of php 5.3: Remove mariadb102 patch to eliminate faulty functionality

Remove mariadb102 patch to eliminate faulty functionality...

5.8 AI score
Exploits 0 · References 1

BDU FSTEC
added 2022/04/20 12:0 a.m. · 0 views

The vulnerability of the php_wddx_process_data function in the PHP programming language allows a hacker to trigger a service failure.

The vulnerability of the php_wddx_process_data function in ext/wddx/wddx.c in the PHP programming language exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures by using an invalid ISO 8601 time value...

10 CVSS · 0.01858 EPSS
Exploits 1 · References 11 · Affected Software 3

NVD
added 2022/04/13 9:15 p.m. · 17 views

CVE-2022-24828

Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call VcsDriver::getFileContent can have a code injection vulnerability if the user can control the $file or $identifier argument. This leads to a vulnerability on packagist.org for example where...

8.8 CVSS · 0.00167 EPSS
Exploits 0 · References 6

BDU FSTEC
added 2022/04/07 12:0 a.m. · 0 views

The vulnerabilities of the Go programming language’s `net.ParseIP` and `net.ParseCIDR` components allow attackers to compromise data integrity.

The vulnerability of the net.ParseIP and net.ParseCIDR components in the Go programming language is related to incorrect handling of zeros at the beginning of an IP address octal number. Exploiting this vulnerability allows a remote attacker to compromise data integrity...

7.8 CVSS · 0.00254 EPSS
Exploits 1 · References 8 · Affected Software 2

Fedora
added 2022/03/26 3:47 p.m. · 33 views

[SECURITY] Fedora 36 Update: golang-1.18~rc1-2.fc36

The Go Programming Language...

7.5 CVSS · 7.9 AI score · 0.00254 EPSS
Exploits 1

Tenable Nessus
added 2022/03/22 12:0 a.m. · 24 views

SUSE SLED15 / SLES15 Security Update : rust, rust1.58, rust1.59 (SUSE-SU-2022:0843-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0843-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe...

7.3 CVSS · 7.1 AI score · 0.00906 EPSS
Exploits 1 · References 4

Tenable Nessus
added 2022/03/17 12:0 a.m. · 28 views

openSUSE 15 Security Update : rust, rust1.58, rust1.59 (openSUSE-SU-2022:0843-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0843-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security...

7.3 CVSS · 7.1 AI score · 0.00906 EPSS
Exploits 1 · References 4

Fedora
added 2022/02/17 3:6 a.m. · 31 views

[SECURITY] Fedora 34 Update: lua-5.4.4-1.fc34

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...

5.5 CVSS · 2.6 AI score · 0.00174 EPSS
Exploits 2

Positive Technologies
added 2022/02/17 12:0 a.m. · 2 views

PT-2022-17010 · Php · Crypt Gpg

Name of the Vulnerable Software and Affected Versions: Crypt GPG extension for PHP versions prior to 1.6.7 Description: The issue concerns the Crypt GPG extension for PHP, where it fails to prevent additional options in GPG calls. This poses a risk for certain environments and GPG versions...

5.3 CVSS · 5.1 AI score · 0.0039 EPSS
Exploits 0 · References 10

RedHat Linux
added 2022/02/16 11:49 a.m. · 62 views

Important: Red Hat Security Advisory: ruby:2.5 security update

An update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.3 CVSS · 6.7 AI score · 0.25071 EPSS
Exploits 1 · References 3

Fedora
added 2022/02/08 1:13 a.m. · 32 views

[SECURITY] Fedora 35 Update: lua-5.4.4-1.fc35

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...

5.5 CVSS · 2.6 AI score · 0.00174 EPSS
Exploits 1

Trellix
added 2022/02/08 12:0 a.m. · 8 views

Trellix Global Defenders: BlackCat Ransomware as a Service - The Cat is certainly out of the bag!

Trellix Global Defenders: BlackCat Ransomware as a Service - The Cat is certainly out of the bag! By Trellix · February 8, 2022 Research Contributions and Analysis: Filippo Sitzia This story was written by Arnab Roy Threat Summary Blackcat also known as ALPHV/Noberus is a Ransomware as a Service...

8 AI score
Exploits 0

GithubExploit
added 2022/02/06 7:42 p.m. · 499 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

Polkit-CVE-2021-4034-HLP Polkit CVE-2021-4034 exploitation in...

7.8 CVSS · 7.5 AI score · 0.88057 EPSS
Exploits 149