Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2015-3412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read...

5.3CVSS6.9AI score0.04094EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.47 views

Debian: Security Advisory (DLA-307-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.21398EPSS
Exploits19References2
F5 Networks
F5 Networks
added 2023/02/21 6:9 p.m.41 views

K17028: PHP vulnerabilities CVE-2015-3411 and CVE-2015-3412

Security Advisory Description CVE-2015-3411 It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions for...

6.5CVSS7.7AI score0.04094EPSS
Exploits2Affected Software18
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.41 views

SUSE: Security Advisory (SUSE-SU-2015:1253-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.50129EPSS
Exploits16References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.37 views

SUSE: Security Advisory (SUSE-SU-2015:1253-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.8AI score0.50129EPSS
Exploits16References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.58 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1544)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.50129EPSS
Exploits25References2
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.59 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2015:1253-1)

This security update of PHP fixes the following issues : Security issues fixed : - CVE-2015-4024 bnc931421: Fixed multipart/form-data remote DOS Vulnerability. - CVE-2015-4026 bnc931776: pcntlexec did not check path validity. - CVE-2015-4022 bnc931772: Fixed and overflow in ftpgenlist that result...

10CVSS7.2AI score0.50129EPSS
Exploits16References45
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 7:50 p.m.55 views

Security Bulletin: IBM Tealeaf Customer Experience PCA Web UI PHP security issues

Summary The IBM Tealeaf Customer Experience PCA Web UI uses a version of PHP with reported security issues. Vulnerability Details CVEID: CVE-2015-0273 DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error in unserialize with...

10CVSS1.1AI score0.50129EPSS
Exploits23Affected Software1
CVE
CVE
added 2016/05/16 10:0 a.m.222 views

CVE-2015-3412

CVE-2015-3412 affects PHP prior to 5.4.40, 5.5.x prior to 5.5.24, and 5.6.x prior to 5.6.8. The issue stems from not ensuring that pathnames lack %00 sequences when stream_resolve_include_path is used, enabling a filename\0.extension attack to bypass a restricted extension and read files. Public ...

5.3CVSS7AI score0.04094EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2016/05/16 10:0 a.m.34 views

CVE-2015-3412

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the streamresolveincludepath function in ext/standard/streamsfuncs.c, as...

7.2AI score0.04094EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2016/02/19 12:0 a.m.42 views

F5 Networks BIG-IP : PHP vulnerabilities (K17028)

CVE-2015-3411 It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions for CVE-2015-3411. CVE-2015-3412 It...

6.5CVSS7AI score0.04094EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2015/07/10 12:0 a.m.51 views

RedHat Update for php RHSA-2015:1218-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.50129EPSS
Exploits29References2
Cent OS
Cent OS
added 2015/07/09 7:23 p.m.123 views

php security update

CentOS Errata and Security Advisory CESA-2015:1218 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...

10CVSS7.4AI score0.50129EPSS
Exploits30References7
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.58 views

Ubuntu: Security Advisory (USN-2658-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.50129EPSS
Exploits19References2
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.50 views

openSUSE: Security Advisory for php5 (openSUSE-SU-2015:1197-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.16948EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2015/07/07 12:0 a.m.64 views

openSUSE Security Update : php5 (openSUSE-2015-471)

The PHP script interpreter was updated to receive various security fixes : - CVE-2015-4602 bnc935224: Fixed an incomplete Class unserialization type confusion. - CVE-2015-4599, CVE-2015-4600, CVE-2015-4601 bnc935226: Fixed type confusion issues in unserialize with various SOAP methods. -...

10CVSS7AI score0.16948EPSS
Exploits13References20
Tenable Nessus
Tenable Nessus
added 2015/06/25 12:0 a.m.51 views

Scientific Linux Security Update : php on SL7.x x86_64 (20150623)

A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. CVE-2015-3330 A flaw was...

10CVSS8.1AI score0.53166EPSS
Exploits44References32
Tenable Nessus
Tenable Nessus
added 2015/06/24 12:0 a.m.314 views

CentOS 7 : php (CESA-2015:1135)

Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

10CVSS8AI score0.53166EPSS
Exploits45References33
RedHat Linux
RedHat Linux
added 2015/06/23 8:11 a.m.81 views

Important: Red Hat Security Advisory: php security and bug fix update

Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

10CVSS7.4AI score0.53166EPSS
Exploits45References29
OSV
OSV
added 2015/06/23 12:0 a.m.1 views

UBUNTU-CVE-2015-3412

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the streamresolveincludepath function in ext/standard/streamsfuncs.c, as...

5.3CVSS6.9AI score0.04094EPSS
Exploits1References5
Rows per page
Query Builder