32 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-5773
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpzip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garba...
Mageia: Security Advisory (MGASA-2016-0238)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2975-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1865)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2043)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : php (EulerOS-SA-2019-1795)
According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The filecheckmem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x befo...
Denial Of Service (DoS) Through Memory Corruption
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Stack-Based Buffer Overflow
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Out-Of-Bounds Read
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
SUSE SLES11 Security Update : php53 (SUSE-SU-2018:0806-1)
This update for php53 fixes several issues. These security issues were fixed : - CVE-2016-10712: In PHP all of the return values of streamgetmetadata could be controlled if the input can be controlled e.g., during file uploads. bsc1080234 - CVE-2018-5712: Prevent reflected XSS on the PHAR 404 err...
openSUSE Security Update : php5 (openSUSE-2016-1449)
This update for php5 fixes the following issues : - CVE-2016-9137: Use After Free in unserialize bsc1008029 - CVE-2016-5773: ZipArchive class Use After Free Vulnerability in PHP's GC bsc986247 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Netwo...
SUSE SLED12 / SLES12 Security Update : php5 (SUSE-SU-2016:2975-1)
This update for php5 fixes the following issues : - CVE-2016-9137: Use After Free in unserialize bsc1008029 - CVE-2016-5773: ZipArchive class Use After Free Vulnerability in PHP's GC bsc986247 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...
Amazon Linux: Security Advisory (ALAS-2016-728)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-628-1 : php5 security update
CVE-2016-4473.patch An invalid free may occur under certain conditions when processing phar-compatible archives. - CVE-2016-4538.patch The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument,...
[SECURITY] [DLA 628-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u5 CVE ID : CVE-2016-4473 CVE-2016-4538 CVE-2016-5114 CVE-2016-5399 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296...
DLA-628-1 php5 - security update
Bulletin has no description...
Ubuntu: Security Advisory (USN-3045-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...