Lucene search
K

40 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:26 p.m.32 views

K15303: PHP vulnerability CVE-2013-7345

Security Advisory Description The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted ASCII file tha...

5CVSS8.3AI score0.0304EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2014-0142)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS9.6AI score0.0304EPSS
Exploits1References4
Veracode
Veracode
added 2019/01/15 9:11 a.m.38 views

Denial Of Service (DoS)

file is vulnerable to denial of service DoS attacks. The vulnerability exists as file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service CPU consumption via a crafted file that triggers backtracking duri...

5CVSS6.7AI score0.11814EPSS
Exploits2References31Affected Software3
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.304 views

Oracle: Security Advisory (ELSA-2014-1013)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.30128EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.67 views

Gentoo Security Advisory GLSA 201408-11

Gentoo Linux Local Security Checks GLSA 201408-11 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS6.9AI score0.35635EPSS
Exploits16References1
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.41 views

Gentoo Security Advisory GLSA 201408-08

Gentoo Linux Local Security Checks GLSA 201408-08 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

5CVSS8.1AI score0.0304EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2014/11/05 12:0 a.m.64 views

Debian DSA-3064-1 : php5 - security update

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. It has been decided to follow the stable 5.4.x releases for the Wheezy PHP packages. Consequently the vulnerabilities are addressed by upgrading PHP to a new upstream...

7.5CVSS8AI score0.28862EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2014/10/30 7:45 p.m.80 views

Important: Red Hat Security Advisory: php54-php security update

Updated php54-php packages that fix multiple security issues are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

7.5CVSS7.3AI score0.30128EPSS
Exploits16References26
Tenable Nessus
Tenable Nessus
added 2014/10/17 12:0 a.m.130 views

PHP 5.6.0 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is a development version of 5.6.0. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not attempted to exploit this issue but has instead relied only on application's self-reported version number...

7.5CVSS7.1AI score0.30128EPSS
Exploits16References29
Tenable Nessus
Tenable Nessus
added 2014/10/12 12:0 a.m.24 views

Amazon Linux AMI : php54 (ALAS-2014-333)

The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted ASCII file that triggers a large amount of...

5CVSS8AI score0.0304EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/10/12 12:0 a.m.26 views

Amazon Linux AMI : php55 (ALAS-2014-332)

The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted ASCII file that triggers a large amount of...

5CVSS8AI score0.0304EPSS
Exploits1References2
OSV
OSV
added 2014/09/29 12:0 a.m.49 views

DLA-67-1 php5 - security update

Bulletin has no description...

6.8CVSS7.6AI score0.20237EPSS
Exploits2
OpenVAS
OpenVAS
added 2014/09/10 12:0 a.m.69 views

CentOS Update for php CESA-2014:1013 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.30128EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2014/08/27 12:0 a.m.70 views

PHP 5.5.x < 5.5.16 Multiple Vulnerabilities

According to its banner, the remote web server is running a version of PHP 5.5.x prior to 5.5.16. It is, therefore, affected by the following vulnerabilities : - LibGD contains a NULL pointer dereference flaw in its 'gdImageCreateFromXpm' function in the 'gdxpm.c' file. By using a specially craft...

6.8CVSS7.8AI score0.22319EPSS
Exploits6References11
OSV
OSV
added 2014/08/21 12:0 a.m.49 views

DSA-3008-1 php5 - security update

Bulletin has no description...

6.8CVSS7.6AI score0.20237EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2014/08/07 12:0 a.m.281 views

Oracle Linux 7 : php (ELSA-2014-1013)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1013 advisory. - fileinfo: cdfunpacksummaryinfo excessive looping DoS. CVE-2014-0237 - fileinfo: CDF property info parsing nelements infinite loop. CVE-2014-0238 -...

7.5CVSS7.6AI score0.30128EPSS
Exploits6References11
RedHat Linux
RedHat Linux
added 2014/08/06 6:5 a.m.54 views

Moderate: Red Hat Security Advisory: php security update

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

7.5CVSS7.3AI score0.30128EPSS
Exploits6References11
Oracle linux
Oracle linux
added 2014/08/06 12:0 a.m.88 views

php security update

5.4.16-23 - fileinfo: cdfunpacksummaryinfo excessive looping DoS. CVE-2014-0237 - fileinfo: CDF property info parsing nelements infinite loop. CVE-2014-0238 - fileinfo: cdfcheckstreamoffset insufficient boundary check. CVE-2014-3479 - fileinfo: cdfcountchain insufficient boundary check...

7.5CVSS2.8AI score0.30128EPSS
Exploits6
Mageia
Mageia
added 2014/08/05 8:8 p.m.55 views

Updated file packages fix security vulnerability

file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service CPU consumption via a crafted file that triggers backtracking during processing of an awk rule, due to an incomplete fix for CVE-2013-7345...

5CVSS7.4AI score0.11814EPSS
Exploits1References3
Amazon
Amazon
added 2014/07/23 12:0 a.m.68 views

Medium: file

Issue Overview: A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. Buffer overflow in the mconve...

6.5CVSS8.6AI score0.20805EPSS
Exploits3
Rows per page
Query Builder