Lucene search
K

39 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.37 views

RHEL 4 : php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php: paths with NULL character were considered valid CVE-2006-7243 - php: XSLT file writing vulnerability...

7.5CVSS7.8AI score0.0826EPSS
Exploits9References9
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.5 views

SUSE CVE-2006-7243

PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the fileexists function...

5CVSS7AI score0.05363EPSS
Exploits2References8
OpenWrt
OpenWrt
added 2016/01/28 12:23 p.m.724 views

php: Security update (7 CVEs)

The php package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 5.6.8-1 = 5.6.17-1 CHANGELOG Sun, 24 Jan 2016 21:47:52 +0100 18d121b Update to 5.6.17 Fixes CVE-2016-1903. Wed, 23 Dec 2015 16:00:14 -0500 766cfcc Update to 5.6.16 Wed, ...

7.5CVSS0.07806EPSS
Exploits5References18
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.53 views

Oracle: Security Advisory (ELSA-2014-0311)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.3AI score0.28167EPSS
Exploits45References2
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.55 views

Oracle: Security Advisory (ELSA-2013-1615)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.2AI score0.10136EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.54 views

Fedora Update for php FEDORA-2015-8281

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.6AI score0.50129EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2015/06/12 12:0 a.m.60 views

Slackware 14.0 / 14.1 / current : php (SSA:2015-162-02)

New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-162-02. The text itself is copyright C...

7.8CVSS7.3AI score0.50129EPSS
Exploits8References9
Prion
Prion
added 2015/06/09 6:59 p.m.37 views

Design/Logic Flaw

The pcntlexec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument...

7.5CVSS7.1AI score0.1968EPSS
Exploits3References18Affected Software9
CVE
CVE
added 2015/06/09 6:0 p.m.268 views

CVE-2015-4026

The CVE-2015-4026 issue affects PHP prior to 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9. The pcntl_exec implementation truncates a pathname when it hits a null byte (\x00), which may allow remote attackers to bypass extension restrictions and execute files with unintended names via a cra...

7.5CVSS8.2AI score0.1968EPSS
Exploits1References18Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/05/18 12:0 a.m.127 views

PHP 5.4.x < 5.4.41 Multiple Vulnerabilities

According to its banner, the version of PHP 5.4.x running on the remote web server is prior to 5.4.41. It is, therefore, affected by multiple vulnerabilities : - Multiple unspecified flaws in pcrelib. CVE-2015-2325, CVE-2015-2326 - A flaw in the pharparsetarfile function in ext/phar/tar.c could...

7.8CVSS8.4AI score0.50129EPSS
Exploits8References9
Tenable Nessus
Tenable Nessus
added 2015/05/18 12:0 a.m.109 views

PHP 5.6.x < 5.6.9 Multiple Vulnerabilities

According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.9. It is, therefore, affected by multiple vulnerabilities : - Multiple unspecified flaws in pcrelib. CVE-2015-2325, CVE-2015-2326 - A flaw in the pharparsetarfile function in ext/phar/tar.c could...

7.8CVSS8.4AI score0.50129EPSS
Exploits8References9
Tenable Nessus
Tenable Nessus
added 2014/10/10 12:0 a.m.75 views

F5 Networks BIG-IP : Multiple PHP vulnerabilities (K13519)

PHP has been cited with the following multiple vulnerabilities, which may be locally exploitable on some F5 products : CVE-2006-7243 PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file...

10CVSS8.4AI score0.83911EPSS
Exploits27References16
Tenable Nessus
Tenable Nessus
added 2014/03/20 12:0 a.m.64 views

Scientific Linux Security Update : php on SL5.x i386/x86_64 (20140318)

A buffer overflow flaw was found in the way PHP parsed floating point numbers from their text representation. If a PHP application converted untrusted input strings to numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with th...

6.8CVSS7.8AI score0.28167EPSS
Exploits45References3
OpenVAS
OpenVAS
added 2014/03/20 12:0 a.m.52 views

RedHat Update for php RHSA-2014:0311-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS8.3AI score0.28167EPSS
Exploits45References2
Tenable Nessus
Tenable Nessus
added 2014/03/19 12:0 a.m.59 views

RHEL 5 : php (RHSA-2014:0311)

Updated php packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availabl...

6.8CVSS7.8AI score0.28167EPSS
Exploits45References5
RedHat Linux
RedHat Linux
added 2014/03/18 7:43 p.m.61 views

Critical: Red Hat Security Advisory: php security update

Updated php packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availabl...

6.8CVSS7.5AI score0.28167EPSS
Exploits45References4
Oracle linux
Oracle linux
added 2014/03/18 12:0 a.m.98 views

php security update

5.1.6-44 - add security fixes for CVE-2006-7243, CVE-2009-0689...

6.8CVSS1.4AI score0.28167EPSS
Exploits45
Tenable Nessus
Tenable Nessus
added 2013/11/27 12:0 a.m.54 views

Oracle Linux 6 : php (ELSA-2013-1615)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-1615 advisory. - add security fix for CVE-2013-4248 - rename patch to math CVE-2010-3709 name - add security fixes for CVE-2006-7243, CVE-2013-1643 Tenable has...

5CVSS7.5AI score0.13333EPSS
Exploits8References4
Oracle linux
Oracle linux
added 2013/11/25 12:0 a.m.81 views

php security, bug fix, and enhancement update

5.3.3-26 - add security fix for CVE-2013-4248 5.3.3-25 - rename patch to math CVE-2010-3709 name - add security fixes for CVE-2006-7243, CVE-2013-1643 5.3.3-24 - fix buffer overflow in pdopgsqlerror 969110 - fix double free when destroyzendclass fails 910466 - fix segfault in errorhandler with...

5CVSS4AI score0.13333EPSS
Exploits8
RedHat Linux
RedHat Linux
added 2013/11/20 4:38 p.m.59 views

Moderate: Red Hat Security Advisory: php security, bug fix, and enhancement update

Updated php packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which giv...

5CVSS7.3AI score0.10136EPSS
Exploits2References6
Rows per page
Query Builder