31 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-7479
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote...
SUSE CVE-2016-7479
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution...
SUSE: Security Advisory (SUSE-SU-2017:0534-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : php7 (SUSE-SU-2017:0534-1)
This update for php7 fixes the following security issues : - CVE-2016-7480: The SplObjectStorage unserialize implementation in ext/spl/splobserver.c in PHP did not verify that a key is an object, which allowed remote attackers to execute arbitrary code or cause a denial of service uninitialized...
Debian: Security Advisory (DLA-875-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : php70 (ALAS-2017-812)
Integer overflow in gdio.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. CVE-2016-10168 In all versions of PHP 7, during the unserialization process, resizing the...
Medium: php70
Issue Overview: Integer overflow in gdio.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. CVE-2016-10168 In all versions of PHP 7, during the unserialization...
Debian DLA-875-1 : php5 security update
Several issues have been discovered in PHP recursive acronym for PHP: Hypertext Preprocessor, a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. CVE-2016-7478: Zend/zendexceptions.c in PHP allows remote attacke...
[SECURITY] [DLA 875-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u8 CVE ID : CVE-2016-7478 CVE-2016-7479 CVE-2017-7272 Several issues have been discovered in PHP recursive acronym for PHP: Hypertext Preprocessor, a widely-used open source general-purpose scripting language that is especially suited for web development and...
Ubuntu 16.04 LTS : PHP regression (USN-3211-2)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3211-2 advisory. USN-3211-1 fixed vulnerabilities in PHP by updating to the new 7.0.15 upstream release. PHP 7.0.15 introduced a regression when using MySQL with large blobs. This...
Ubuntu: Security Advisory (USN-3211-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for php7 (important)
This update for php7 fixes the following security issues: - CVE-2016-7480: The SplObjectStorage unserialize implementation in ext/spl/splobserver.c in PHP did not verify that a key is an object, which allowed remote attackers to execute arbitrary code or cause a denial of service uninitialized...
USN-3211-2: PHP regression
USN-3211-1 fixed vulnerabilities in PHP by updating to the new 7.0.15 upstream release. PHP 7.0.15 introduced a regression when using MySQL with large blobs. This update fixes the problem with a backported fix. Original advisory details: It was discovered that PHP incorrectly handled certain...
USN-3211-2 php7.0 regression
USN-3211-1 fixed vulnerabilities in PHP by updating to the new 7.0.15 upstream release. PHP 7.0.15 introduced a regression when using MySQL with large blobs. This update fixes the problem with a backported fix. Original advisory details: It was discovered that PHP incorrectly handled certain...
Ubuntu: Security Advisory (USN-3211-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS : PHP vulnerabilities (USN-3211-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3211-1 advisory. It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to...
USN-3211-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-7479 It was discovered that PHP incorrectly handled certain...
Ubuntu 14.04 LTS : PHP vulnerabilities (USN-3196-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3196-1 advisory. It was discovered that PHP incorrectly handled certain arguments to the localegetdisplayname function. A remote attacker could use this issue to cause PH...
USN-3196-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled certain arguments to the localegetdisplayname function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-9912 It was discovered that PHP incorrectly handled...
Debian: Security Advisory (DSA-3783-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...