Lucene search
K

45 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:52 p.m.205 views

K16021: PHP vulnerability CVE-2014-8142

Security Advisory Description Use-after-free vulnerability in the processnesteddata function in ext/standard/varunserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages imprope...

7.5CVSS8.1AI score0.53166EPSS
Exploits8
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.36 views

Slackware: Security Advisory (SSA:2014-356-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.53166EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.41 views

SUSE: Security Advisory (SUSE-SU-2015:0370-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.1AI score0.53166EPSS
Exploits51References54
Veracode
Veracode
added 2019/05/02 5:39 a.m.43 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...

9.8CVSS9.3AI score0.53166EPSS
Exploits43References22Affected Software6
Veracode
Veracode
added 2019/05/02 5:39 a.m.43 views

Arbitrary Code Execution

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...

9.8CVSS9.3AI score0.53166EPSS
Exploits43References25Affected Software6
Veracode
Veracode
added 2019/05/02 5:39 a.m.51 views

Buffer Overflow

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...

7.5CVSS9.2AI score0.53166EPSS
Exploits43References35Affected Software6
Veracode
Veracode
added 2019/05/02 5:39 a.m.60 views

Use-After-Free

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

7.5CVSS9.2AI score0.53166EPSS
Exploits32References32Affected Software6
Veracode
Veracode
added 2019/05/02 5:39 a.m.49 views

Use-After-Free

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

7.5CVSS9.2AI score0.53166EPSS
Exploits32References49Affected Software5
Veracode
Veracode
added 2019/05/02 5:39 a.m.45 views

Memory Corruption

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

7.5CVSS9.2AI score0.53166EPSS
Exploits32References26Affected Software6
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.56 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2015:0365-1)

php5 was updated to fix four security issues. These security issues were fixed : - CVE-2015-0231: Use-after-free vulnerability in the processnesteddata function in ext/standard/varunserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allowed remote attackers to execute...

10CVSS7.8AI score0.53166EPSS
Exploits12References14
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.66 views

Gentoo Security Advisory GLSA 201503-03

Gentoo Linux Local Security Checks GLSA 201503-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS6.8AI score0.53166EPSS
Exploits12References1
securityvulns
securityvulns
added 2015/09/14 12:0 a.m.194 views

[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities

Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04774019 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04774019 Version: 1 HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple...

10CVSS0.2AI score0.9994EPSS
Exploits45
Tenable Nessus
Tenable Nessus
added 2015/06/25 12:0 a.m.51 views

Scientific Linux Security Update : php on SL7.x x86_64 (20150623)

A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. CVE-2015-3330 A flaw was...

10CVSS8.1AI score0.53166EPSS
Exploits44References32
Tenable Nessus
Tenable Nessus
added 2015/06/24 12:0 a.m.314 views

CentOS 7 : php (CESA-2015:1135)

Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

10CVSS8AI score0.53166EPSS
Exploits45References33
RedHat Linux
RedHat Linux
added 2015/06/23 8:11 a.m.80 views

Important: Red Hat Security Advisory: php security and bug fix update

Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

10CVSS7.4AI score0.53166EPSS
Exploits45References29
RedHat Linux
RedHat Linux
added 2015/06/04 8:2 a.m.3 views

php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142)

A use-after-free flaw was found in the way PHP's unserialize function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code...

7.5CVSS7AI score0.53166EPSS
Exploits10References4
Check Point Advisories
Check Point Advisories
added 2015/05/18 12:0 a.m.17 views

PHP Core unserialize process nested data Use After Free - Ver2 (CVE-2014-8142)

A use-after-free vulnerability has been reported in PHP core. The vulnerability is due to a use after free error when handling serialized objects with identical keys within the unserialize function. An attacker could exploit this vulnerability by sending crafted serialized data to a web applicati...

7.5CVSS2.6AI score0.53166EPSS
Exploits8
Check Point Advisories
Check Point Advisories
added 2015/04/29 12:0 a.m.17 views

PHP Core unserialize process nested data Use After Free - ver 2 (CVE-2014-8142; CVE-2015-0231)

A code execution vulnerability has been reported in PHP core. The vulnerability is due to a use after free error when handling serialized objects with identical number key names within the unserialize function. A remote attacker can exploit the vulnerability by sending crafted serialized data to ...

7.5CVSS2.5AI score0.53166EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2015/03/09 12:0 a.m.69 views

GLSA-201503-03 : PHP: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201503-03 PHP: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : A remote attacker can leverage these vulnerabilities to execute...

7.5CVSS7.5AI score0.53166EPSS
Exploits12References7
Tenable Nessus
Tenable Nessus
added 2015/02/25 12:0 a.m.67 views

SuSE 11.3 Security Update : php53 (SAT Patch Number 10313)

PHP 5.3 was updated to fix three security issues : - Use-after-free vulnerability allowed remote attackers to execute arbitrary code via a crafted unserialize call that leveraged improper handling of duplicate keys within the serialized properties of an object. bnc910659. CVE-2014-8142 -...

7.5CVSS7.5AI score0.53166EPSS
Exploits11References9
Rows per page
Query Builder