Postprocessor IDE for SolidCAM 资源管理错误漏洞

Postprocessor IDE for SolidCAM is a GPPL language development support tool developed by Andrey Zorin. Versions of Postprocessor IDE for SolidCAM from 1.0.0 to 1.0.2 contained a resource management vulnerability. This vulnerability arose from the language server’s parsing of.vmid files in the same...

Astra Linux - уязвимость в c3p0

C3P0 versions less than 0.9.5.4 may be exploited by a “billion laughs attack” when loading XML configuration, due to the lack of protections against recursive entity expansion during the loading of configuration files...

CLSA-2026-1776971672 php: Fix of 3 CVEs

CVE-2021-21707: fix NUL byte truncation in XML/DOM URI file loading - CVE-2022-31628: fix phar wrapper denial of service when loading compressed quine archives - CVE-2022-31629: discard HTTP variables that mangle into Host- or Secure- prefixes...

EUVD-2020-17608

Malware in sbrugna...

EUVD-2022-5643

Malicious code in bioql PyPI...

RLSA-2024:10952 Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing error check and insufficient random bytes in...

Moderate: Red Hat Security Advisory: php:7.4 security update

An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2024:10952 Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing error check and insufficient random bytes in...

Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing error check and insufficient random bytes in...

RLSA-2024:0387 Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS vulnerability when parsing multipart request body CVE-2023-0662 php: Missing error check and insufficient random bytes...

php:8.1 security update

An update is available for php-pecl-zip, module.php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-xdebug3, php-pecl-rrd, module.php-pecl-rrd, module.php-pecl-zip, php-pecl-apcu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS vulnerability when parsing multipart request body CVE-2023-0662 php: Missing error check and insufficient random bytes...

Important: Red Hat Security Advisory: php:8.0 security update

An update for the php:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2023:5926 Important: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity without being enabled CVE-2023-3823 php: phar Buffer mismanagement CVE-2023-3824 php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS...

RHEL 9 : php (RHSA-2023:5926)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5926 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity witho...

Important: php:8.0 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity without being enabled CVE-2023-3823 php: phar Buffer mismanagement CVE-2023-3824 php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS...

SUSE-SU-2023:3528-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2023-3823: Fixed an issue with external entity loading in XML without enabling it. bsc1214106 - CVE-2023-3824: Fixed a buffer overflow in phardirread. bsc1214103...

GHSA-WV9C-PFPM-4WC5 Moodle CSRF Vulnerability

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey CSRF token was not being utilised by the XML loading/unloading admin tool...

krpano Panorama Viewer 跨站脚本漏洞

krpano Panorama Viewer is a software for viewing panorama files from the German company krpano. The software supports high-resolution images, interactive virtual roaming, custom-designed user interface, and other features. A cross-site scripting vulnerability exists in Krpano Panorama Viewer 1.20...

UBUNTU-CVE-2019-10186

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey CSRF token was not being utilised by the XML loading/unloading admin tool...