Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.19 views

Linux Distros Unpatched Vulnerability : CVE-2017-11144

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing...

7.5CVSS6.9AI score0.06164EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.44 views

Ubuntu: Security Advisory (USN-3382-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.07511EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.39 views

SUSE: Security Advisory (SUSE-SU-2017:2303-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.4AI score0.08255EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.37 views

SUSE: Security Advisory (SUSE-SU-2017:2317-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.5AI score0.07495EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.52 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2221)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.35438EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.48 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2017:2317-1)

This update for php5 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11143: An invalid free in the WDDX deserialization of booleanparameters could be used by attackers able to inject XML for deserialization tocrash the PHP...

9.1CVSS6.9AI score0.07495EPSS
Exploits2References28
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.63 views

SUSE SLES12 Security Update : php7 (SUSE-SU-2017:2303-1)

This update for php7 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...

9.1CVSS7.2AI score0.08255EPSS
Exploits2References30
Tenable Nessus
Tenable Nessus
added 2018/01/09 12:0 a.m.73 views

Debian DSA-4081-1 : php5 - security update

Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language : - CVE-2017-11142 Denial of service via overly long form variables - CVE-2017-11143 Invalid free in wddxdeserialize - CVE-2017-11144 Denial of service in openssl extension due to incorrect...

9.8CVSS6.2AI score0.26373EPSS
Exploits2References17
Debian
Debian
added 2018/01/08 10:33 p.m.64 views

[SECURITY] [DSA 4081-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4081-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018 https://www.debian.org/security/faq -...

9.8CVSS10AI score0.26373EPSS
Exploits2
Debian
Debian
added 2018/01/08 10:30 p.m.104 views

[SECURITY] [DSA 4080-1] php7.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4080-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018 https://www.debian.org/security/faq -...

9.8CVSS10AI score0.26373EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2017/09/06 12:0 a.m.61 views

openSUSE Security Update : php5 (openSUSE-2017-1010)

This update for php5 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11143: An invalid free in the WDDX deserialization of booleanparameters could be used by attackers able to inject XML for deserialization tocrash the PHP...

9.1CVSS6.8AI score0.07495EPSS
Exploits2References18
Tenable Nessus
Tenable Nessus
added 2017/09/05 12:0 a.m.56 views

openSUSE Security Update : php7 (openSUSE-2017-994)

This update for php7 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...

9.1CVSS7.1AI score0.08255EPSS
Exploits2References20
OpenVAS
OpenVAS
added 2017/09/05 12:0 a.m.49 views

openSUSE: Security Advisory for php7 (openSUSE-SU-2017:2337-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS7.6AI score0.08255EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
added 2017/09/04 12:7 p.m.138 views

Security update for php7 (important)

This update for php7 fixes the following issues: - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...

7.8CVSS2.9AI score0.08255EPSS
Exploits2References11
OpenVAS
OpenVAS
added 2017/08/11 12:0 a.m.64 views

Ubuntu: Security Advisory (USN-3382-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.07511EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2017/07/24 12:0 a.m.55 views

Debian DLA-1034-1 : php5 security update

Several issues have been discovered in PHP recursive acronym for PHP: Hypertext Preprocessor, a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. CVE-2016-10397 Incorrect handling of various URI components in th...

9.1CVSS7AI score0.06846EPSS
Exploits1References7
Debian
Debian
added 2017/07/21 11:45 a.m.53 views

[SECURITY] [DLA 1034-1] php5 security update

Package : php5 Version : 5.4.45-0+deb7u9 CVE ID : CVE-2016-10397 CVE-2017-11143 CVE-2017-11144 CVE-2017-11145 CVE-2017-11147 Several issues have been discovered in PHP recursive acronym for PHP: Hypertext Preprocessor, a widely-used open source general-purpose scripting language that is especiall...

9.1CVSS9.6AI score0.06846EPSS
Exploits1
OpenVAS
OpenVAS
added 2017/07/11 12:0 a.m.70 views

PHP < 5.6.31, 7.0.x < 7.0.21, 7.1.x < 7.1.7 Multiple Vulnerabilities (Jul 2017) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

9.8CVSS8.1AI score0.07511EPSS
Exploits6References7
Debian CVE
Debian CVE
added 2017/07/10 2:0 p.m.40 views

CVE-2017-11144

Removed by vendor...

7.5CVSS8.7AI score0.06164EPSS
Exploits0
CVE
CVE
added 2017/07/10 2:0 p.m.267 views

CVE-2017-11144

CVE-2017-11144 affects PHP: openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, potentially crashing the PHP interpreter due to a negative-number interpretation issue in ext/openssl/openssl.c. Public details indicate vulnerable ranges: PHP versions b...

7.5CVSS8.4AI score0.06164EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder