Lucene search
K

20 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:33 p.m.44 views

K28507582: PHP vulnerability CVE-2017-12933

Security Advisory Description The finishnesteddata function in ext/standard/varunserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the...

9.8CVSS7.5AI score0.0694EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.34 views

Ubuntu: Security Advisory (USN-3566-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.07031EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.36 views

SUSE: Security Advisory (SUSE-SU-2017:2518-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.0694EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2017:2522-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.07495EPSS
Exploits2References12
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2017:2468-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.0742EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.52 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2221)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.35438EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.39 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2017:2518-1)

This update for php5 fixes on issues. This security issue was fixed : - CVE-2017-12933: The finishnesteddata function in ext/standard/varunserializer.re was prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue could have had an unspecified impact on the...

9.8CVSS7.1AI score0.0694EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2018/08/17 6:3 p.m.37 views

Severe PHP Exploit Threatens WordPress Sites with Remote Code Execution

UPDATE Researchers have created a proof-of-concept exploit that would enable bad actors to target a severe vulnerability in the PHP programming language behind several major CMS companies, including WordPress. The vulnerability remains unresolved – more than a year after it was reported. The...

7.5CVSS1.4AI score0.0694EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/02/14 12:0 a.m.56 views

Ubuntu: Security Advisory (USN-3566-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.79949EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2018/02/06 12:0 a.m.44 views

Debian: Security Advisory (DLA-1076-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.0694EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/01/09 12:0 a.m.73 views

Debian DSA-4081-1 : php5 - security update

Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language : - CVE-2017-11142 Denial of service via overly long form variables - CVE-2017-11143 Invalid free in wddxdeserialize - CVE-2017-11144 Denial of service in openssl extension due to incorrect...

9.8CVSS6.2AI score0.26373EPSS
Exploits2References17
Debian
Debian
added 2018/01/08 10:33 p.m.64 views

[SECURITY] [DSA 4081-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4081-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018 https://www.debian.org/security/faq -...

9.8CVSS10AI score0.26373EPSS
Exploits2
Debian
Debian
added 2018/01/08 10:30 p.m.69 views

[SECURITY] [DSA 4080-1] php7.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4080-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018 https://www.debian.org/security/faq -...

9.8CVSS10AI score0.26373EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2017/09/18 12:0 a.m.42 views

openSUSE Security Update : php7 (openSUSE-2017-1061)

This update for php7 fixes several issues. These security issues were fixed : - CVE-2017-12932: Prevent heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue could have...

9.8CVSS7.2AI score0.0742EPSS
Exploits0References8
Debian
Debian
added 2017/08/30 3:51 p.m.42 views

[SECURITY] [DLA 1076-1] php5 security update

Package : php5 Version : 5.4.45-0+deb7u11 CVE ID : CVE-2017-12933 The finishnesteddata function in ext/standard/varunserializer.re in PHP is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP. For Debia...

9.8CVSS10AI score0.0694EPSS
Exploits0
CVE
CVE
added 2017/08/21 12:0 a.m.59 views

CVE-2017-1000202

CVE-2017-1000202 is a reserved/duplicate entry; refer to CVE-2017-12933.

9.2AI score
Exploits0
Hacker One
Hacker One
added 2017/08/18 1:22 p.m.66 views

Internet Bug Bounty: Out of Bounds Memory Read in unserialize()

The finishnesteddata function in ext/standard/varunserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP. This has been...

7.5CVSS9.1AI score0.0694EPSS
Exploits0
CVE
CVE
added 2017/08/18 3:0 a.m.367 views

CVE-2017-12933

CVE-2017-12933 affects PHP's unserialization path: the finish_nested_data code path in ext/standard/var_unserializer.re can cause a buffer over-read when deserializing untrusted data. Affected: PHP versions prior to 5.6.31; 7.0.x prior to 7.0.21; 7.1.x prior to 7.1.7. Impact is stated as unspecif...

9.8CVSS9.4AI score0.0694EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2017/08/18 3:0 a.m.56 views

CVE-2017-12933

Removed by vendor...

9.8CVSS8.7AI score0.0694EPSS
Exploits0
OpenVAS
OpenVAS
added 2017/07/11 12:0 a.m.70 views

PHP < 5.6.31, 7.0.x < 7.0.21, 7.1.x < 7.1.7 Multiple Vulnerabilities (Jul 2017) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

9.8CVSS8.1AI score0.07511EPSS
Exploits6References7
Rows per page
Query Builder