24 matches found
MariaDB 10.0.0 < 10.0.18 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.0.18. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.0.18 advisory. - The compilebranch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of...
CVE-2015-2326
The pcrecompile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service out-of-bounds read via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by...
CVE-2015-2326
CVE-2015-2326: PCRE library vulnerability in pcre_compile2 (PCRE before 8.37) allows context-dependent attackers to compile incorrect code and trigger a denial of service via an out-of-bounds read when processing a regex such as ((?+1)(\1)). The connected documents confirm the issue is tied to th...
CVE-2015-2326
The pcrecompile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service out-of-bounds read via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
PHP 5.6.x < 5.6.10 Multiple Vulnerabilities
According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities : - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression PCRE library due to improper validatio...
php: Security update (7 CVEs)
The php package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 5.6.8-1 = 5.6.17-1 CHANGELOG Sun, 24 Jan 2016 21:47:52 +0100 18d121b Update to 5.6.17 Fixes CVE-2016-1903. Wed, 23 Dec 2015 16:00:14 -0500 766cfcc Update to 5.6.16 Wed, ...
Amazon Linux: Security Advisory (ALAS-2015-562)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2015-563)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2015-534)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[USN-2694-1] PCRE vulnerabilities
========================================================================== Ubuntu Security Notice USN-2694-1 July 29, 2015 pcre3 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
Slackware 14.0 / 14.1 / current : php (SSA:2015-198-02) (BACKRONYM)
New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-198-02. The text itself is copyright C...
[slackware-security] php
New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.4.43-i486-1slack14.1.txz: Upgraded. This update fixes some bugs and security issues. For more information, see:...
Amazon Linux AMI : php56 (ALAS-2015-563)
Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326. All PHP 5.6 users are encouraged to upgrade to this version. Please see the upstream release notes for...
Amazon Linux AMI : php55 (ALAS-2015-562)
Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326. All PHP 5.5 users are encouraged to upgrade to this version. Please see the upstream release notes for...
Medium: php56
Issue Overview: Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326. All PHP 5.6 users are encouraged to upgrade to this version. Please see the upstream...
Medium: php55
Issue Overview: Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326. All PHP 5.5 users are encouraged to upgrade to this version. Please see the upstream...
Slackware 14.0 / 14.1 / current : php (SSA:2015-162-02)
New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-162-02. The text itself is copyright C...
Important: php54
Issue Overview: An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. CVE-2015-4021 An integer overflow flaw leading to...
FreeBSD : pcre -- multiple vulnerabilities (4a88e3ed-00d3-11e5-a072-d050996490d0)
PCRE development team reports : A pattern such as '?20,1999?', which has a group containing a forward reference repeated a large but limited number of times within a repeated outer group that has a zero minimum quantifier, caused incorrect code to be compiled, leading to the error 'internal error...