Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2018-14883

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer...

7.5CVSS6.7AI score0.08975EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2018-0390)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.08975EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2018:2681-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.2AI score0.08975EPSS
Exploits2References6
Debian
Debian
added 2018/12/10 9:40 p.m.140 views

[SECURITY] [DSA 4353-1] php7.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4353-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 10, 2018 https://www.debian.org/security/faq -...

8.5CVSS8.2AI score0.9523EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2018/09/24 12:0 a.m.70 views

Tenable SecurityCenter < 5.7.1 Multiple Vulnerabilities (TNS-2018-12)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is prior to 5.7.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported...

9.8CVSS6.5AI score0.87883EPSS
Exploits5References12
OpenVAS
OpenVAS
added 2018/09/19 12:0 a.m.43 views

Ubuntu: Security Advisory (USN-3766-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.08975EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2018/09/18 7:22 a.m.178 views

USN-3766-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled restarting certain child processes when php-fpm is used. A remote attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 18.04 LTS. CVE-2015-9253 It was discovered that PHP incorrectly handled...

7.5CVSS6.6AI score0.08975EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2018/09/18 12:0 a.m.83 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : PHP vulnerabilities (USN-3766-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3766-1 advisory. It was discovered that PHP incorrectly handled restarting certain child processes when php-fpm is used. A remote attacker could...

7.5CVSS6.5AI score0.08975EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2018/09/12 12:0 a.m.49 views

SUSE SLES11 Security Update : php53 (SUSE-SU-2018:2681-1)

This update for php53 fixes the following issues : The following security issues were fixed : CVE-2018-14851: Fixed an out-of-bound read in exifprocessIFDinMAKERNOTE, which could be exploited by an attacker via crafted JPG files, and could result in an application crash. bsc1103659 CVE-2018-14883...

7.5CVSS6.5AI score0.08975EPSS
Exploits2References10
OSV
OSV
added 2018/09/10 1:51 p.m.17 views

SUSE-SU-2018:2681-1 Security update for php53

This update for php53 fixes the following issues: The following security issues were fixed: - CVE-2018-14851: Fixed an out-of-bound read in exifprocessIFDinMAKERNOTE, which could be exploited by an attacker via crafted JPG files, and could result in an application crash. bsc1103659 -...

7.5CVSS6.9AI score0.08975EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2018/09/04 12:0 a.m.58 views

Debian DLA-1490-1 : php5 security update

Two vulnerabilities have been discovered in php5, a server-side, HTML-embedded scripting language. One CVE-2018-14851 results in a potential denial of service out-of-bounds read and application crash via a crafted JPEG file. The other CVE-2018-14883 is an Integer Overflow that leads to a heap-bas...

7.5CVSS6.5AI score0.08975EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/08/24 12:0 a.m.89 views

Amazon Linux AMI : php72 (ALAS-2018-1067)

exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file.CVE-2018-14851 exifreadfromimpl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a...

9.8CVSS7.3AI score0.08975EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/08/24 12:0 a.m.71 views

Amazon Linux AMI : php56 / php70,php71 (ALAS-2018-1066)

exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, and 7.1.x before 7.1.20, allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file.CVE-2018-14851 An issue was discovered in PHP before 5.6.37, 7.0.x...

7.5CVSS6.3AI score0.08975EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2018/08/07 12:0 a.m.95 views

PHP Multiple Heap Buffer Overflow and Information Disclosure Vulnerabilities (Aug 2018) - Linux

PHP is prone to multiple heap buffer overflow and information disclosure vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.9AI score0.08975EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2018/08/03 7:18 p.m.53 views

CVE-2018-14883

An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exifthumbnailextract of exif.c...

7.5CVSS3.1AI score0.08975EPSS
Exploits1References2
CVE
CVE
added 2018/08/03 1:0 p.m.516 views

CVE-2018-14883

CVE-2018-14883 is a heap-based buffer over-read in exif_thumbnail_extract (exif.c) of PHP. Affected are PHP 5.6.37 and 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. Some sources note potential remote code execution in vulnerable scenarios. Remediation is to upgrade to the fixe...

7.5CVSS7.5AI score0.08975EPSS
Exploits1References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/07/24 12:0 a.m.296 views

PHP 5.6.x < 5.6.37 exif_thumbnail_extract() DoS

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.37. It is, therefore, affected by a denial of service vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS6.4AI score0.08975EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2018/07/20 12:0 a.m.102 views

PHP 7.2.x < 7.2.8 Use After Free Arbitrary Code Execution in EXIF

According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.8. It is, therefore, affected by a Use-After-Free Arbitrary Code Execution Vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ...

9.8CVSS7.1AI score0.08975EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2018/07/20 12:0 a.m.147 views

PHP 7.0.x < 7.0.31 Use After Free Arbitrary Code Execution in EXIF

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.31. It is, therefore, affected by a Use-After-Free Arbitrary Code Execution Vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...

9.8CVSS7.1AI score0.08975EPSS
Exploits2References5
Openbugbounty
Openbugbounty
added 2018/04/04 6:56 a.m.13 views

rossholidays.nl XSS vulnerability

Open Bug Bounty ID: OBB-596672 Description| Value ---|--- Affected Website:| rossholidays.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Rows per page
Query Builder