Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2015-4598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or...

7.5CVSS7.1AI score0.03917EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.46 views

Debian: Security Advisory (DLA-307-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.21398EPSS
Exploits19References2
F5 Networks
F5 Networks
added 2023/02/21 7:49 p.m.43 views

K17049: PHP vulnerability CVE-2015-4598

Security Advisory Description PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls 1 a DOMDocument save method or 2 t...

7.5CVSS8AI score0.03917EPSS
Exploits0Affected Software19
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2015-0258)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.16948EPSS
Exploits3References6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.37 views

SUSE: Security Advisory (SUSE-SU-2015:1253-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.8AI score0.50129EPSS
Exploits16References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.40 views

SUSE: Security Advisory (SUSE-SU-2015:1253-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.50129EPSS
Exploits16References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.58 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1544)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.50129EPSS
Exploits25References2
Tenable Nessus
Tenable Nessus
added 2019/01/09 12:0 a.m.55 views

PHP 5.6.x < 5.6.10 Multiple Vulnerabilities

According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities : - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression PCRE library due to improper validatio...

10CVSS9.6AI score0.16948EPSS
Exploits5References10
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.59 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2015:1253-1)

This security update of PHP fixes the following issues : Security issues fixed : - CVE-2015-4024 bnc931421: Fixed multipart/form-data remote DOS Vulnerability. - CVE-2015-4026 bnc931776: pcntlexec did not check path validity. - CVE-2015-4022 bnc931772: Fixed and overflow in ftpgenlist that result...

10CVSS7.2AI score0.50129EPSS
Exploits16References45
Tenable Nessus
Tenable Nessus
added 2016/10/10 12:0 a.m.45 views

F5 Networks BIG-IP : PHP vulnerability (K17049)

PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls 1 a DOMDocument save method or 2 the GD imagepsloadfont function...

7.5CVSS7.7AI score0.03917EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/08/31 12:0 a.m.54 views

PHP < 5.4.42, 5.5.x < 5.5.26, 5.6.x < 5.6.10 Multiple Vulnerabilities (Aug 2016) - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

7.5CVSS9AI score0.06393EPSS
Exploits0References5
CVE
CVE
added 2016/05/16 10:0 a.m.244 views

CVE-2015-4598

CVE-2015-4598 affects PHP prior to 5.4.42, 5.5.x prior to 5.5.26, and 5.6.x prior to 5.6.10. The issue arises because pathnames may contain a NULL byte (%00), which can allow a remote attacker to read or write arbitrary files when an application calls either a DOMDocument save method or the GD im...

7.5CVSS7.5AI score0.03917EPSS
Exploits0References12Affected Software6
securityvulns
securityvulns
added 2015/08/31 12:0 a.m.156 views

[SECURITY] [DSA 3344-1] php5 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3344-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 27, 2015 https://www.debian.org/security/faq -...

10CVSS1.8AI score0.16948EPSS
Exploits2
Debian
Debian
added 2015/08/27 3:0 p.m.58 views

[SECURITY] [DSA 3344-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3344-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 27, 2015 https://www.debian.org/security/faq -...

10CVSS1AI score0.16948EPSS
Exploits2
Debian
Debian
added 2015/08/27 3:0 p.m.72 views

[SECURITY] [DSA 3344-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3344-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 27, 2015 https://www.debian.org/security/faq -...

10CVSS9.9AI score0.16948EPSS
Exploits2
OpenVAS
OpenVAS
added 2015/08/27 12:0 a.m.59 views

Debian Security Advisory DSA 3344-1 (php5 - security update)

Multiple vulnerabilities have been discovered in the PHP language: CVE-2015-4598 thoger at redhat dot com discovered that paths containing a NUL character were improperly handled, thus allowing an attacker to manipulate unexpected files on the server. CVE-2015-4643 Max Spelsberg discovered an...

10CVSS0.3AI score0.16948EPSS
Exploits2References1
OSV
OSV
added 2015/08/27 12:0 a.m.64 views

DSA-3344-1 php5 - security update

Bulletin has no description...

10CVSS8AI score0.16948EPSS
Exploits2
F5 Networks
F5 Networks
added 2015/08/07 12:0 a.m.76 views

SOL17049 - PHP vulnerability CVE-2015-4598

Important: Although the software of the affected F5 products contains the vulnerable code, the affected F5 products do not use the vulnerable code in a way that exposes the vulnerability in a standard configuration. An attacker must have local shell access to the affected F5 products, to trigger ...

7.5CVSS1AI score0.03917EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2015/07/10 12:0 a.m.77 views

CentOS Update for php CESA-2015:1218 centos6

Check the version of php SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882219";...

10CVSS6.8AI score0.15531EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2015/07/10 12:0 a.m.51 views

RedHat Update for php RHSA-2015:1218-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.50129EPSS
Exploits29References2
Rows per page
Query Builder