Lucene search
K

16 matches found

OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.41 views

Debian: Security Advisory (DLA-444-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS9.1AI score0.08653EPSS
Exploits3References2
Veracode
Veracode
added 2019/05/02 5:39 a.m.51 views

Buffer Overflow

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...

7.5CVSS9.2AI score0.53166EPSS
Exploits43References35Affected Software6
Veracode
Veracode
added 2019/05/02 5:39 a.m.45 views

Memory Corruption

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

7.5CVSS9.2AI score0.53166EPSS
Exploits32References26Affected Software6
Veracode
Veracode
added 2019/05/02 5:39 a.m.60 views

Use-After-Free

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

7.5CVSS9.2AI score0.53166EPSS
Exploits32References32Affected Software6
Oracle linux
Oracle linux
added 2016/02/04 12:0 a.m.82 views

php55 security and bug fix update

php55 2.0-1 - fix incorrect selinux contexts 1194336 php55-php 5.5.21-2.0.1 - add dtrace-utils as build dependency 5.5.21-2 - core: fix use-after-free vulnerability in the processnesteddata function unserialize CVE-2015-2787 - core: fix NUL byte injection in file name argument of moveuploadedfile...

10CVSS1.5AI score0.53166EPSS
Exploits34
seebug.org
seebug.org
added 2015/10/10 12:0 a.m.765 views

PHP多版本(5.2,5.4.38~5.6.6)任意文件上传漏洞

PHP任意文件上传漏洞(CVE-2015-2348)。通常情况下,php的开发者会对文件名后缀、文件类型Content-Type、Mime type、文件大小等进行检查来限制恶意php脚本的上传,但是攻击者可以利用该漏洞绕过这些限制,直接上传恶意的文件。 漏洞详情 该漏洞存在于php的moveuploadedfile函数中,这个函数一般在上传文件时被使用,用途是将上传的文件移动到新位置。 moveuploadedfile string $filename , string $destination...

5CVSS7.6AI score0.08653EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2015/06/25 12:0 a.m.51 views

Scientific Linux Security Update : php on SL7.x x86_64 (20150623)

A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. CVE-2015-3330 A flaw was...

10CVSS8.1AI score0.53166EPSS
Exploits44References32
Tenable Nessus
Tenable Nessus
added 2015/06/24 12:0 a.m.314 views

CentOS 7 : php (CESA-2015:1135)

Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

10CVSS8AI score0.53166EPSS
Exploits45References33
RedHat Linux
RedHat Linux
added 2015/06/23 8:11 a.m.81 views

Important: Red Hat Security Advisory: php security and bug fix update

Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

10CVSS7.4AI score0.53166EPSS
Exploits45References29
OpenVAS
OpenVAS
added 2015/06/16 12:0 a.m.65 views

PHP < 5.4.39, 5.5.x < 5.5.23, 5.6.x < 5.6.7 Multiple Vulnerabilities - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

7.5CVSS8.5AI score0.27869EPSS
Exploits10References6
Ubuntu
Ubuntu
added 2015/04/20 3:58 p.m.109 views

USN-2572-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled cleanup when used with Apache 2.4. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2015-3330 It was discovered that PHP incorrectly handled opening tar, zip or ph...

7.5CVSS7.6AI score0.38434EPSS
Exploits11
myhack58
myhack58
added 2015/04/06 12:0 a.m.421 views

PHP arbitrary file upload Vulnerability, CVE-2 0 1 5-2 3 4 8 analysis and use-vulnerability and early warning-the black bar safety net

Today, security researchers released a medium-risk vulnerabilities--PHP arbitrary file upload Vulnerability, CVE-2 0 1 5-2 3 4 8 in. Typically, the php developer will be the file name suffix, file typeContent-Type, Mime type, file size, etc. to be checked to limit the malicious php script is...

7.4AI score
Exploits0
myhack58
myhack58
added 2015/04/04 12:0 a.m.28 views

PHP arbitrary file upload Vulnerability, CVE-2 0 1 5-2 3 4 8 analysis-vulnerability warning-the black bar safety net

Last night security news broke of a“PHP arbitrary file upload Vulnerability”, CVE number: CVE-2 0 1 5-2 3 4 8 in. At the time landlord is ready to pack up and go home, see this news my heart a surprised: the lost rivers and lakes for many years the 0 character truncation upload vulnerability and...

7.7AI score
Exploits0
myhack58
myhack58
added 2015/04/04 12:0 a.m.119 views

PHP move_uploaded_file security restrictions bypass Vulnerability(CVE-2 0 1 5-2 3 4 8)-vulnerability warning-the black bar safety net

Affected system: PHP PHP 5.6. x PHP PHP 5.5. x PHP PHP 5.4.39 Description: CVECAN ID: CVE-2 0 1 5-2 3 4 8 PHP is a General-purpose open source scripting language. PHP 5.4.39, and 5.5. x, 5.6. x version of ext/standard/basicfunctions. c, moveuploadedfile encountered\x00 characters will truncate th...

0.1AI score
Exploits0
myhack58
myhack58
added 2015/04/03 12:0 a.m.46 views

PHP arbitrary file upload Vulnerability, CVE-2 0 1 5-2 3 4 8-a vulnerability warning-the black bar safety net

Security researchers today published a medium-risk vulnerabilities--PHP arbitrary file upload Vulnerability, CVE-2 0 1 5-2 3 4 8 in. In the Upload File only when the determined file name is the legal name of the file to conclude that this file is not malicious file, which will indeed lead to othe...

8.1AI score
Exploits0
NVD
NVD
added 2015/03/30 10:59 a.m.37 views

CVE-2015-2348

The moveuploadedfile implementation in ext/standard/basicfunctions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected...

5CVSS7.7AI score0.08653EPSS
Exploits2References18
Rows per page
Query Builder