PHP File Read Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A fi...

UBUNTU-CVE-2015-8879

The odbcbindcols function in ext/odbc/phpodbc.c in PHP before 5.6.12 mishandles driver behavior for SQLWVARCHAR columns, which allows remote attackers to cause a denial of service application crash in opportunistic circumstances by leveraging use of the odbcfetcharray function to access a certain...

PHP GD Component Denial of Service Vulnerability

PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.GD is one of the graphical extensions library component. A denial of service vulnerability exists in the GD componen...

[SECURITY] Fedora 24 Update: php-5.6.21-1.fc24

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

PHP has an unspecified vulnerability (CNVD-2016-02887)

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. PHP allows overriding of 'one definition' values, and no detailed vulnerability details are currently provided...

PHP 'ext/filter/sanitizing_filters.c' integer overflow vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. An integer overflow vulnerability exists in PHP's ext/filter/sanitizingfilters.c file. An attacker could exploit this vulnerability to cause a...

DSA-3560-1 php5 - security update

Bulletin has no description...

PHP Denial of Service Vulnerability (CNVD-2016-02638)

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A denial of service vulnerability exists in PHP's Soap client. A remote attacker could exploit this vulnerability to cause a denial of service or execute arbitrary code...

[SECURITY] Fedora 23 Update: php-5.6.20-1.fc23

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

[SECURITY] Fedora 22 Update: php-5.6.17-1.fc22

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

[SECURITY] Fedora 22 Update: ruby-2.2.4-47.fc22

Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...

Microsoft Windows JScript External Object Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code in applications using the JScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability in that th...

[SECURITY] Fedora 23 Update: php-5.6.13-1.fc23

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

[SECURITY] Fedora 21 Update: php-5.6.11-1.fc21

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

WordPress VideoWhisper Video Conference Integration Plugin Arbitrary File Download Vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.VideoWhisper Video Conference Integration is a video conferencing plugin. A security vulnerability in the WordPress VideoWhisper Video Conference Integration plugin...

Important: Red Hat Security Advisory: rh-php56-php security update

Updated rh-php56-php packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

php: Incomplete Class unserialization type confusion

A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrary code...

Important: Red Hat Security Advisory: php55-php security update

Updated php55-php packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

PHP null pointer has multiple security restriction bypass vulnerabilities

PHP is a general-purpose scripting language. A security vulnerability exists in PHP due to a missing path in multiple extensions or null byte checking of the path parameter of certain functions. Allowing remote attackers to exploit this vulnerability could allow PHP scripts to access arbitrary...

UBUNTU-CVE-2015-4147

The SoapClient::call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that defaultheaders is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a...