23 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-3411
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or...
Debian: Security Advisory (DLA-307-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K17028: PHP vulnerabilities CVE-2015-3411 and CVE-2015-3412
Security Advisory Description CVE-2015-3411 It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions for...
SUSE SLES12: apache2-mod_php74 / php74 / php74-bcmath / php74-bz2 / etc (SUSE-SU-2023:0072-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0072-1 advisory. - CVE-2022-31631: Fixed an issue where PDO::quote would return an unquoted string bsc1206958. Tenable has extracted the preceding...
SUSE: Security Advisory (SUSE-SU-2015:1253-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1253-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1545)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : php5 (SUSE-SU-2015:1253-1)
This security update of PHP fixes the following issues : Security issues fixed : - CVE-2015-4024 bnc931421: Fixed multipart/form-data remote DOS Vulnerability. - CVE-2015-4026 bnc931776: pcntlexec did not check path validity. - CVE-2015-4022 bnc931772: Fixed and overflow in ftpgenlist that result...
Security Bulletin: IBM Tealeaf Customer Experience PCA Web UI PHP security issues
Summary The IBM Tealeaf Customer Experience PCA Web UI uses a version of PHP with reported security issues. Vulnerability Details CVEID: CVE-2015-0273 DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error in unserialize with...
CVE-2015-3411
The CVE-2015-3411 issue affects PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 where pathnames could include a NULL character (\0). This allows remote attackers to read or write arbitrary files via crafted input in calls such as DOMDocument::load, xmlwriter_open_uri, finfo_file, o...
F5 Networks BIG-IP : PHP vulnerabilities (K17028)
CVE-2015-3411 It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions for CVE-2015-3411. CVE-2015-3412 It...
SUSE: Security Advisory for PHP (SUSE-SU-2015:1265-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for php RHSA-2015:1218-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for php CESA-2015:1218 centos6
Check the version of php SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882219";...
php security update
CentOS Errata and Security Advisory CESA-2015:1218 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...
openSUSE: Security Advisory for php5 (openSUSE-SU-2015:1197-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2658-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : php5 (openSUSE-2015-471)
The PHP script interpreter was updated to receive various security fixes : - CVE-2015-4602 bnc935224: Fixed an incomplete Class unserialization type confusion. - CVE-2015-4599, CVE-2015-4600, CVE-2015-4601 bnc935226: Fixed type confusion issues in unserialize with various SOAP methods. -...
Scientific Linux Security Update : php on SL7.x x86_64 (20150623)
A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. CVE-2015-3330 A flaw was...
CentOS 7 : php (CESA-2015:1135)
Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...