Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2015-3411

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or...

6.5CVSS6.9AI score0.03439EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.47 views

Debian: Security Advisory (DLA-307-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.21398EPSS
Exploits19References2
F5 Networks
F5 Networks
added 2023/02/21 6:9 p.m.41 views

K17028: PHP vulnerabilities CVE-2015-3411 and CVE-2015-3412

Security Advisory Description CVE-2015-3411 It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions for...

6.5CVSS7.7AI score0.04094EPSS
Exploits2Affected Software18
Tenable Nessus
Tenable Nessus
added 2023/01/12 12:0 a.m.47 views

SUSE SLES12: apache2-mod_php74 / php74 / php74-bcmath / php74-bz2 / etc (SUSE-SU-2023:0072-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0072-1 advisory. - CVE-2022-31631: Fixed an issue where PDO::quote would return an unquoted string bsc1206958. Tenable has extracted the preceding...

9.1CVSS6.8AI score0.15531EPSS
Exploits2References10
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.37 views

SUSE: Security Advisory (SUSE-SU-2015:1253-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.8AI score0.50129EPSS
Exploits16References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.41 views

SUSE: Security Advisory (SUSE-SU-2015:1253-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.50129EPSS
Exploits16References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.46 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1545)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.42401EPSS
Exploits25References2
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.59 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2015:1253-1)

This security update of PHP fixes the following issues : Security issues fixed : - CVE-2015-4024 bnc931421: Fixed multipart/form-data remote DOS Vulnerability. - CVE-2015-4026 bnc931776: pcntlexec did not check path validity. - CVE-2015-4022 bnc931772: Fixed and overflow in ftpgenlist that result...

10CVSS7.2AI score0.50129EPSS
Exploits16References45
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 7:50 p.m.55 views

Security Bulletin: IBM Tealeaf Customer Experience PCA Web UI PHP security issues

Summary The IBM Tealeaf Customer Experience PCA Web UI uses a version of PHP with reported security issues. Vulnerability Details CVEID: CVE-2015-0273 DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error in unserialize with...

10CVSS1.1AI score0.50129EPSS
Exploits23Affected Software1
CVE
CVE
added 2016/05/16 10:0 a.m.243 views

CVE-2015-3411

The CVE-2015-3411 issue affects PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 where pathnames could include a NULL character (\0). This allows remote attackers to read or write arbitrary files via crafted input in calls such as DOMDocument::load, xmlwriter_open_uri, finfo_file, o...

6.5CVSS7.8AI score0.03439EPSS
Exploits1References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/02/19 12:0 a.m.42 views

F5 Networks BIG-IP : PHP vulnerabilities (K17028)

CVE-2015-3411 It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions for CVE-2015-3411. CVE-2015-3412 It...

6.5CVSS7AI score0.04094EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2015/10/13 12:0 a.m.60 views

SUSE: Security Advisory for PHP (SUSE-SU-2015:1265-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.16948EPSS
Exploits10References1
OpenVAS
OpenVAS
added 2015/07/10 12:0 a.m.51 views

RedHat Update for php RHSA-2015:1218-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.50129EPSS
Exploits29References2
OpenVAS
OpenVAS
added 2015/07/10 12:0 a.m.77 views

CentOS Update for php CESA-2015:1218 centos6

Check the version of php SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882219";...

10CVSS6.8AI score0.15531EPSS
Exploits2References2
Cent OS
Cent OS
added 2015/07/09 7:23 p.m.123 views

php security update

CentOS Errata and Security Advisory CESA-2015:1218 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...

10CVSS7.4AI score0.50129EPSS
Exploits30References7
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.50 views

openSUSE: Security Advisory for php5 (openSUSE-SU-2015:1197-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.16948EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.58 views

Ubuntu: Security Advisory (USN-2658-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.50129EPSS
Exploits19References2
Tenable Nessus
Tenable Nessus
added 2015/07/07 12:0 a.m.64 views

openSUSE Security Update : php5 (openSUSE-2015-471)

The PHP script interpreter was updated to receive various security fixes : - CVE-2015-4602 bnc935224: Fixed an incomplete Class unserialization type confusion. - CVE-2015-4599, CVE-2015-4600, CVE-2015-4601 bnc935226: Fixed type confusion issues in unserialize with various SOAP methods. -...

10CVSS7AI score0.16948EPSS
Exploits13References20
Tenable Nessus
Tenable Nessus
added 2015/06/25 12:0 a.m.51 views

Scientific Linux Security Update : php on SL7.x x86_64 (20150623)

A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. CVE-2015-3330 A flaw was...

10CVSS8.1AI score0.53166EPSS
Exploits44References32
Tenable Nessus
Tenable Nessus
added 2015/06/24 12:0 a.m.314 views

CentOS 7 : php (CESA-2015:1135)

Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

10CVSS8AI score0.53166EPSS
Exploits45References33
Rows per page
Query Builder