30 matches found
MiracleLinux 7 : php-5.4.16-48.el7 (AXSA:2020-019:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-019:01 advisory. php: Reflected XSS on PHAR 404 page CVE-2018-5712 php: Stack-based buffer under-read in phpstreamurlwraphttpex in httpfopenwrapper.c when parsing HTT...
K61561040: PHP vulnerability CVE-2018-10547
Security Advisory Description An issue was discovered in ext/phar/pharobject.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerabilit...
Ubuntu: Security Advisory (USN-3646-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware: Security Advisory (SSA:2018-136-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0222)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1176-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1294-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1291-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : php on SL7.x x86_64 (20200407)
php: Reflected XSS on PHAR 404 page php: Stack-based buffer under-read in phpstreamurlwraphttpex in httpfopenwrapper.c when parsing HTTP response php: Reflected XSS vulnerability on PHAR 403 and 404 error pages php: Out-of-bounds read in base64decodexmlrpc in ext/xmlrpc/libxmlrpc/base64.c C Tenab...
CentOS 7 : php (RHSA-2020:1112)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1112 advisory. - An issue was discovered in ext/phar/pharobject.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is...
Moderate: Red Hat Security Advisory: rh-php71-php security, bug fix, and enhancement update
An update for rh-php71-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
SUSE SLES12 Security Update : php5 (SUSE-SU-2018:1291-1)
This update for php5 fixes the following issues: Security issues fixed : - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...
SUSE SLES12 Security Update : php7 (SUSE-SU-2018:1176-1)
This update for php7 fixes the following issues: Security issues fixed : - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...
Tenable SecurityCenter < 5.7.1 Multiple Vulnerabilities (TNS-2018-12)
According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is prior to 5.7.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported...
[SECURITY] [DSA 4240-1] php7.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4240-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 05, 2018 https://www.debian.org/security/faq -...
Debian DLA-1397-1 : php5 security update
Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language : CVE-2018-7584 A stack-buffer-overflow while parsing HTTP response results in copying a large string and possible memory corruption and/or denial of service CVE-2018-10545 Dumpable FPM child...
[SECURITY] [DLA 1397-1] php5 security update
Package : php5 Version : 5.6.36+dfsg-0+deb8u1 CVE ID : CVE-2018-7584 CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2018-7584 A stack-buffer-overflow while...
[slackware-security] php
New php packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/php-5.6.36-i586-1slack14.2.txz: Upgraded. This fixes many bugs, including some security issues: Heap Buffer Overflow READ: 1786 in...
Slackware 14.0 / 14.1 / 14.2 : php (SSA:2018-136-02)
New php packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-136-02. The text itself is copyright C Slackware Linux, Inc...
openSUSE: Security Advisory for php5 (openSUSE-SU-2018:1317-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...