8 matches found
Tenable SecurityCenter < 5.7.1 Multiple Vulnerabilities (TNS-2018-12)
According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is prior to 5.7.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported...
CVE-2018-15132
An issue was discovered in ext/standard/linkwin32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the openbasedir check. This could be abused to find files on paths outside of the allowed directories...
CVE-2018-15132
An issue was discovered in ext/standard/linkwin32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the openbasedir check. This could be abused to find files on paths outside of the allowed directories...
CVE-2018-15132
The CVE-2018-15132 issue affects PHP's Windows implementation in ext/standard/link_win32.c. The linkinfo function does not perform an open_basedir check, enabling potential access to files outside allowed directories. Affected versions are PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1....
PHP Multiple Heap Buffer Overflow and Information Disclosure Vulnerabilities (Aug 2018) - Linux
PHP is prone to multiple heap buffer overflow and information disclosure vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
PHP 5.6.x < 5.6.37 exif_thumbnail_extract() DoS
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.37. It is, therefore, affected by a denial of service vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
PHP 7.2.x < 7.2.8 Use After Free Arbitrary Code Execution in EXIF
According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.8. It is, therefore, affected by a Use-After-Free Arbitrary Code Execution Vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ...
PHP 7.0.x < 7.0.31 Use After Free Arbitrary Code Execution in EXIF
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.31. It is, therefore, affected by a Use-After-Free Arbitrary Code Execution Vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...