Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2015-8838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows...

5.9CVSS6.8AI score0.07083EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:10 a.m.7 views

SUSE CVE-2015-8838

ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152...

5.9CVSS7AI score0.01734EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.38 views

SUSE: Security Advisory (SUSE-SU-2016:1145-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.35438EPSS
Exploits3References11
OpenVAS
OpenVAS
added 2021/05/03 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2021-1830)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.9AI score0.02983EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/04/30 12:0 a.m.50 views

EulerOS 2.0 SP3 : php (EulerOS-SA-2021-1830)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, whi...

5.9CVSS7.1AI score0.07083EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2020/06/17 12:0 a.m.77 views

EulerOS 2.0 SP2 : php (EulerOS-SA-2020-1632)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, whi...

7.5CVSS7AI score0.07083EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2020/06/16 12:0 a.m.36 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1632)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.04311EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.61 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2016:1166-1)

This update for php5 fixes the following security issues : - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from a type confusion issue that could have lead to crashes bsc973351 - CVE-2016-2554: A NULL pointer dereference in...

10CVSS7.2AI score0.35438EPSS
Exploits3References22
Tenable Nessus
Tenable Nessus
added 2018/01/31 12:0 a.m.123 views

pfSense < 2.2.4 Multiple Vulnerabilities (SA-15_07)

According to its self-reported version number, the remote pfSense install is prior to 2.2.4. It is, therefore, affected by multiple vulnerabilities as stated in the referenced vendor advisories. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid106496;...

7.1CVSS6.9AI score0.07083EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2016/06/17 12:0 a.m.71 views

SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1581-1)

This update for php53 fixes the following issues : - CVE-2016-5093: A geticuvalueinternal out-of-bounds read could crash the php interpreter bsc982010 - CVE-2016-5094,CVE-2016-5095: Don't allow creating strings with lengths outside int range, avoids overflows bsc982011,bsc982012 - CVE-2016-5096: ...

10CVSS8.4AI score0.35438EPSS
Exploits24References90
NVD
NVD
added 2016/05/16 10:59 a.m.25 views

CVE-2015-8838

ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152...

5.9CVSS6AI score0.01734EPSS
Exploits0References9
OSV
OSV
added 2016/05/16 10:59 a.m.1 views

BELL-CVE-2015-8838 CVE-2015-8838 does not affect BellSoft software

Bulletin has no description...

5.9CVSS5.8AI score0.01734EPSS
Exploits0References1
CVE
CVE
added 2016/05/16 10:0 a.m.202 views

CVE-2015-8838

CVE-2015-8838 (PHP ext/mysqlnd) affects PHP’s MySQL native driver (ext/mysqlnd) in PHP upstream: versions before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11. It uses a client SSL option to treat SSL as optional, enabling a man-in-the-middle vulnerability that allows spoofing of servers v...

5.9CVSS5.9AI score0.01734EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/04/29 12:0 a.m.59 views

openSUSE Security Update : php5 (openSUSE-2016-517)

This update for php5 fixes the following security issues : - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from a type confusion issue that could have lead to crashes bsc973351 - CVE-2016-2554: A NULL pointer dereference in...

10CVSS7.2AI score0.35438EPSS
Exploits3References14
OPENSUSE Linux
OPENSUSE Linux
added 2016/04/28 7:8 p.m.69 views

Security update for php5 (important)

This update for php5 fixes the following security issues: - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from a type confusion issue that could have lead to crashes bsc973351 - CVE-2016-2554: A NULL pointer dereference in...

10CVSS1.2AI score0.35438EPSS
Exploits3References7
OpenVAS
OpenVAS
added 2016/04/28 12:0 a.m.47 views

openSUSE: Security Advisory for php5 (openSUSE-SU-2016:1167-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.35438EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
added 2016/04/27 11:7 p.m.71 views

Security update for php5 (important)

This update for php5 fixes the following security issues: - bsc974305: buffer overflow in libmagic - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from type confusion issue bnc973351. - CVE-2016-3141: A use-after-free / double-free...

7.5CVSS2.6AI score0.35438EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2016/04/27 12:0 a.m.44 views

SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1145-1)

This update for php53 fixes the following issues : - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from a type confusion issue that could have lead to crashes bsc973351 - CVE-2016-2554: A NULL pointer dereference in phargetfpoffset...

10CVSS7.3AI score0.35438EPSS
Exploits3References25
Ubuntu
Ubuntu
added 2016/04/21 3:16 p.m.95 views

USN-2952-1: PHP vulnerabilities

It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. CVE-2014-9767 It was discovered that the PHP Soap client incorrectly validated data types. A remote...

10CVSS7.7AI score0.35438EPSS
Exploits4
UbuntuCve
UbuntuCve
added 2015/12/31 12:0 a.m.31 views

CVE-2015-8838

ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152...

5.9CVSS6.9AI score0.01734EPSS
Exploits0References2
Rows per page
Query Builder