Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.22 views

Linux Distros Unpatched Vulnerability : CVE-2016-10712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of streamgetmetadata can be controlled if the input can be controlled...

7.5CVSS7.9AI score0.02297EPSS
Exploits1References2
F5 Networks
F5 Networks
added 2023/02/21 6:33 p.m.50 views

K42143118: PHP vulnerability CVE-2016-10712

Security Advisory Description In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of streamgetmetadata can be controlled if the input can be controlled e.g., during file uploads. For example, a "$uri = streamgetmetadatafopen$file, "r"'uri'" call mishandles th...

7.5CVSS7.9AI score0.02297EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.34 views

Ubuntu: Security Advisory (USN-3566-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.07031EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2018:0530-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9.6AI score0.02297EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.52 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1096)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.87883EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.54 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2018:0530-1)

This update for php5 fixes the following issues : - CVE-2016-10712: In PHP all of the return values of streamgetmetadata could be controlled if the input can be controlled e.g., during file uploads. bsc1080234 Note that Tenable Network Security has extracted the preceding description block direct...

7.5CVSS7.9AI score0.02297EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/03/27 12:0 a.m.59 views

SUSE SLES11 Security Update : php53 (SUSE-SU-2018:0806-1)

This update for php53 fixes several issues. These security issues were fixed : - CVE-2016-10712: In PHP all of the return values of streamgetmetadata could be controlled if the input can be controlled e.g., during file uploads. bsc1080234 - CVE-2018-5712: Prevent reflected XSS on the PHAR 404 err...

9.8CVSS8.5AI score0.87883EPSS
Exploits11References19
OpenVAS
OpenVAS
added 2018/03/20 12:0 a.m.74 views

Ubuntu: Security Advisory (USN-3600-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.87883EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2018/02/26 12:0 a.m.48 views

openSUSE Security Update : php5 (openSUSE-2018-209)

This update for php5 fixes the following issues : - CVE-2016-10712: In PHP all of the return values of streamgetmetadata could be controlled if the input can be controlled e.g., during file uploads. bsc1080234 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 7030...

7.5CVSS7.9AI score0.02297EPSS
Exploits1References2
OSV
OSV
added 2018/02/23 8:43 a.m.20 views

SUSE-SU-2018:0530-1 Security update for php5

This update for php5 fixes the following issues: - CVE-2016-10712: In PHP all of the return values of streamgetmetadata could be controlled if the input can be controlled e.g., during file uploads. bsc1080234...

7.5CVSS8AI score0.02297EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2018/02/20 12:0 a.m.181 views

PHP < 5.5.32, 5.6.x < 5.6.18, 7.x < 7.0.3 Privilege Escalation Vulnerability - Linux

PHP is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

7.5CVSS8.3AI score0.02297EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/02/20 12:0 a.m.111 views

PHP < 5.5.32, 5.6.x < 5.6.18, 7.x < 7.0.3 Privilege Escalation Vulnerability - Windows

PHP is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

7.5CVSS8.3AI score0.02297EPSS
Exploits1References2
CVE
CVE
added 2018/02/09 6:0 a.m.176 views

CVE-2016-10712

CVE-2016-10712 affects PHP, where the return values of stream_get_meta_data become controllable when input is attacker-controlled (e.g., file uploads). Specifically vulnerable are PHP versions: before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3. The vulnerability can allow an attacker to se...

7.5CVSS8.2AI score0.02297EPSS
Exploits1References4Affected Software1
UbuntuCve
UbuntuCve
added 2018/02/09 12:0 a.m.41 views

CVE-2016-10712

In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of streamgetmetadata can be controlled if the input can be controlled e.g., during file uploads. For example, a "$uri = streamgetmetadatafopen$file, "r"'uri'" call mishandles the case where $file is...

7.5CVSS7.1AI score0.02297EPSS
Exploits1References3
Rows per page
Query Builder