
20 matches found

F5 Networks
added 2023/02/21 7:33 p.m. | 44 views

K28507582: PHP vulnerability CVE-2017-12933

Security Advisory Description The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the...

CVSS 9.8 | AI score 7.5 | EPSS 0.0694
Exploits: 0

OpenVAS
added 2022/08/26 12:0 a.m. | 34 views

Ubuntu: Security Advisory (USN-3566-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9 | EPSS 0.07031
Exploits: 2 | References: 2

OpenVAS
added 2021/06/09 12:0 a.m. | 35 views

SUSE: Security Advisory (SUSE-SU-2017:2522-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.7 | EPSS 0.07495
Exploits: 2 | References: 12

OpenVAS
added 2021/06/09 12:0 a.m. | 36 views

SUSE: Security Advisory (SUSE-SU-2017:2518-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9.6 | EPSS 0.0694
Exploits: 0 | References: 2

OpenVAS
added 2021/06/09 12:0 a.m. | 33 views

SUSE: Security Advisory (SUSE-SU-2017:2468-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.7 | EPSS 0.0742
Exploits: 0 | References: 2

OpenVAS
added 2020/01/23 12:0 a.m. | 52 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2221)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10 | AI score 8.2 | EPSS 0.35438
Exploits: 15 | References: 2

Tenable Nessus
added 2019/01/02 12:0 a.m. | 39 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2017:2518-1)

This update for php5 fixes on issues. This security issue was fixed : - CVE-2017-12933: The finish_nested_data function in ext/standard/var_unserializer.re was prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue could have had an unspecified impact on the...

CVSS 9.8 | AI score 7.1 | EPSS 0.0694
Exploits: 0 | References: 4

ThreatPost
added 2018/08/17 6:3 p.m. | 37 views

Severe PHP Exploit Threatens WordPress Sites with Remote Code Execution

UPDATE Researchers have created a proof-of-concept exploit that would enable bad actors to target a severe vulnerability in the PHP programming language behind several major CMS companies, including WordPress. The vulnerability remains unresolved – more than a year after it was reported. The...

CVSS 7.5 | AI score 1.4 | EPSS 0.0694
Exploits: 0 | References: 3

OpenVAS
added 2018/02/14 12:0 a.m. | 56 views

Ubuntu: Security Advisory (USN-3566-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8 | EPSS 0.79949
Exploits: 2 | References: 2

OpenVAS
added 2018/02/06 12:0 a.m. | 44 views

Debian: Security Advisory (DLA-1076-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.7 | EPSS 0.0694
Exploits: 0 | References: 3

Tenable Nessus
added 2018/01/09 12:0 a.m. | 73 views

Debian DSA-4081-1 : php5 - security update

Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language : - CVE-2017-11142 Denial of service via overly long form variables - CVE-2017-11143 Invalid free in wddx_deserialize - CVE-2017-11144 Denial of service in openssl extension due to incorrect...

CVSS 9.8 | AI score 6.2 | EPSS 0.26373
Exploits: 2 | References: 17

Debian
added 2018/01/08 10:33 p.m. | 64 views

[SECURITY] [DSA 4081-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4081-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018 https://www.debian.org/security/faq -...

CVSS 9.8 | AI score 10 | EPSS 0.26373
Exploits: 2

Debian
added 2018/01/08 10:30 p.m. | 68 views

[SECURITY] [DSA 4080-1] php7.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4080-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018 https://www.debian.org/security/faq -...

CVSS 9.8 | AI score 10 | EPSS 0.26373
Exploits: 2

Tenable Nessus
added 2017/09/18 12:0 a.m. | 42 views

openSUSE Security Update : php7 (openSUSE-2017-1061)

This update for php7 fixes several issues. These security issues were fixed : - CVE-2017-12932: Prevent heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue could have...

CVSS 9.8 | AI score 7.2 | EPSS 0.0742
Exploits: 0 | References: 8

Debian
added 2017/08/30 3:51 p.m. | 42 views

[SECURITY] [DLA 1076-1] php5 security update

Package : php5 Version : 5.4.45-0+deb7u11 CVE ID : CVE-2017-12933 The finish_nested_data function in ext/standard/var_unserializer.re in PHP is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP. For Debia...

CVSS 9.8 | AI score 10 | EPSS 0.0694
Exploits: 0

CVE
added 2017/08/21 12:0 a.m. | 58 views

CVE-2017-1000202

CVE-2017-1000202 is a reserved/duplicate entry; refer to CVE-2017-12933.

AI score 9.2
Exploits: 0

Hacker One
added 2017/08/18 1:22 p.m. | 66 views

Internet Bug Bounty: Out of Bounds Memory Read in unserialize()

The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP. This has been...

CVSS 7.5 | AI score 9.1 | EPSS 0.0694
Exploits: 0

Debian CVE
added 2017/08/18 3:0 a.m. | 47 views

CVE-2017-12933

Removed by vendor...

CVSS 9.8 | AI score 8.7 | EPSS 0.0694
Exploits: 0

CVE
added 2017/08/18 3:0 a.m. | 367 views

CVE-2017-12933

CVE-2017-12933 affects PHP's unserialization path: the finish_nested_data code path in ext/standard/var_unserializer.re can cause a buffer over-read when deserializing untrusted data. Affected: PHP versions prior to 5.6.31; 7.0.x prior to 7.0.21; 7.1.x prior to 7.1.7. Impact is stated as unspecif...

CVSS 9.8 | AI score 9.4 | EPSS 0.0694
Exploits: 0 | References: 9 | Affected Software: 1

OpenVAS
added 2017/07/11 12:0 a.m. | 70 views

PHP < 5.6.31, 7.0.x < 7.0.21, 7.1.x < 7.1.7 Multiple Vulnerabilities (Jul 2017) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

CVSS 9.8 | AI score 8.1 | EPSS 0.07511
Exploits: 6 | References: 7