
38 matches found

Tenable Nessus
added 2026/01/16 12:0 a.m., 3 views

MiracleLinux 7 : php-5.4.16-43.el7.1 (AXSA:2018-2623:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2623:01 advisory. php: Buffer over-read from uninitialized data in gdImageCreateFromGifCtx function CVE-2017-7890 Tenable has extracted the preceding description block directly...

CVSS 6.5, AI score 6.5, EPSS 0.03418
Exploits 0, References 2

Tenable Nessus
added 2025/03/04 12:0 a.m., 10 views

Linux Distros Unpatched Vulnerability : CVE-2017-7890

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GIF decoding function gdImageCreateFromGifCtx in gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.31 and 7.x before 7.1.7, does not...

CVSS 6.5, AI score 6.4, EPSS 0.03418
Exploits 0, References 2

F5 Networks
added 2023/02/21 6:33 p.m., 104 views

K01709026: PHP vulnerabilities CVE-2017-7890 and CVE-2017-9226

Security Advisory Description CVE-2017-7890 The GIF decoding function gdImageCreateFromGifCtx in gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized...

CVSS 9.8, AI score 7, EPSS 0.07511
Exploits 1

OpenVAS
added 2022/08/26 12:0 a.m., 36 views

Ubuntu: Security Advisory (USN-3389-2)

The remote host is missing an update for the...

CVSS 6.5, AI score 7.2, EPSS 0.03418
Exploits 0, References 2

OpenVAS
added 2021/06/09 12:0 a.m., 39 views

SUSE: Security Advisory (SUSE-SU-2017:2303-1)

The remote host is missing an update for the...

CVSS 9.1, AI score 8.4, EPSS 0.08255
Exploits 2, References 2

OpenVAS
added 2021/06/09 12:0 a.m., 37 views

SUSE: Security Advisory (SUSE-SU-2017:2317-1)

The remote host is missing an update for the...

CVSS 9.1, AI score 8.5, EPSS 0.07495
Exploits 2, References 2

OpenVAS
added 2021/06/09 12:0 a.m., 35 views

SUSE: Security Advisory (SUSE-SU-2017:2522-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 8.7, EPSS 0.07495
Exploits 2, References 12

Openbugbounty
added 2020/04/22 4:19 a.m., 9 views

tikzn.co.za Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1148675 Security Researcher Dipu1A Helped patch 1025 vulnerabilities Received 6 Coordinated Disclosure badges Received 22 recommendations, a holder of 6 badges for responsible and coordinated disclosure, found a security vulnerability affecting tikzn.co.za website and its...

AI score 0.2
Exploits 0

OpenVAS
added 2020/01/23 12:0 a.m., 51 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1402)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 8.4, EPSS 0.65116
Exploits 12, References 2

OpenVAS
added 2020/01/23 12:0 a.m., 52 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1096)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 8.5, EPSS 0.87883
Exploits 4, References 2

OpenVAS
added 2020/01/23 12:0 a.m., 29 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1249)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.5, AI score 7, EPSS 0.03418
Exploits 0, References 2

Tenable Nessus
added 2019/01/02 12:0 a.m., 63 views

SUSE SLES12 Security Update : php7 (SUSE-SU-2017:2303-1)

This update for php7 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/phpvariables. bsc1048100 -...

CVSS 9.1, AI score 7.2, EPSS 0.08255
Exploits 2, References 30

Tenable Nessus
added 2019/01/02 12:0 a.m., 48 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2017:2317-1)

This update for php5 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11143: An invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP...

CVSS 9.1, AI score 6.9, EPSS 0.07495
Exploits 2, References 28

Tenable Nessus
added 2018/09/18 12:0 a.m., 38 views

EulerOS Virtualization 2.5.0 : php (EulerOS-SA-2018-1249)

According to the version of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The GIF decoding function gdImageCreateFromGifCtx in gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.31 and 7...

CVSS 6.5, AI score 6.5, EPSS 0.03418
Exploits 0, References 2

IBM Security Bulletins
added 2018/06/18 1:42 a.m., 26 views

Security Bulletin: A vulnerability in PHP affects PowerKVM

Summary PowerKVM is affected by a vulnerability in PHP. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2017-7890 DESCRIPTION: libgd could allow a remote attacker to obtain sensitive information, caused by the lack of initialization for colorMap arrays in the GIF decodi...

CVSS 6.5, AI score 1, EPSS 0.03418
Exploits 0, Affected Software 1

Slackware Linux
added 2018/04/19 1:44 a.m., 64 views

[slackware-security] gd

New gd packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: This update fixes two security issues: Double-free in gdImagePngPtr denial of service. Buffer over-read into uninitialized memory information leak. For mor...

CVSS 7.5, AI score 0.4, EPSS 0.05102
Exploits 0

Tenable Nessus
added 2018/04/19 12:0 a.m., 33 views

Slackware 14.2 / current : gd (SSA:2018-108-01)

New gd packages are available for Slackware 14.2 and -current to fix security issues. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-108-01. The text itself is copyright (C) Slackware Linux, Inc...

CVSS 7.5, AI score 6.6, EPSS 0.05102
Exploits 0, References 3

Tenable Nessus
added 2018/03/12 12:0 a.m., 48 views

CentOS 7 : php (CESA-2018:0406)

An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CVSS 6.5, AI score 6.4, EPSS 0.03418
Exploits 0, References 2

Tenable Nessus
added 2018/03/08 12:0 a.m., 31 views

Oracle Linux 7 : php (ELSA-2018-0406)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-0406 advisory. 5.4.16-43.1 - gd: fix buffer over-read into uninitialized memory CVE-2017-7890 Tenable has extracted the preceding description block directly from the Oracle...

CVSS 6.5, AI score 6.8, EPSS 0.03418
Exploits 0, References 2

Oracle linux
added 2018/03/07 12:0 a.m., 41 views

php security update

5.4.16-43.1 - gd: fix buffer over-read into uninitialized memory CVE-2017-7890...

CVSS 6.5, AI score 2.5, EPSS 0.03418
Exploits 0