31 matches found
Important: php73
Issue Overview: A flaw was discovered in the link function in PHP. When compiled on Windows, it does not correctly handle paths containing NULL bytes. An attacker could abuse this flaw to bypass application checks on file paths. CVE-2019-11044 In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.1...
Mageia: Security Advisory (MGASA-2019-0412)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...
openSUSE 15 Security Update : php7 (openSUSE-SU-2021:2575-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2575-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...
SUSE SLES11 Security Update : php53 (SUSE-SU-2020:14289-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14289-1 advisory. - In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and...
SUSE: Security Advisory (SUSE-SU-2020:0267-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FLUFFI (Fully Localized Utility For Fuzzing Instantaneously) - A Distributed Evolutionary Binary Fuzzer For Pentesters
FLUFFI - A distributed evolutionary binary fuzzer for pentesters. About the project High level overview Getting started Usage HOWTOs Technical Details Contributing to FLUFFI LICENSE Bugs found So far, FLUFFI was almost exclusively used on SIEMENS products and solutions. Bugs found therein will no...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1350)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1172)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4628-1] php7.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4628-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 18, 2020 https://www.debian.org/security/faq -...
SUSE SLES12 Security Update : php7 (SUSE-SU-2020:0352-1)
This update for php7 fixes the following issues : CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class bsc1159923. CVE-2019-11046: Fixed an information leak in bcshiftaddsub bsc1159924. CVE-2019-11047, CVE-2019-11050: Fixed multiple...
Medium: php72, php73
Issue Overview: In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is...
SUSE SLES12 Security Update : php72 (SUSE-SU-2020:0267-1)
This update for php72 fixes the following issues : CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class bsc1159923. CVE-2019-11046: Fixed an information leak in bcshiftaddsub bsc1159924. CVE-2019-11047, CVE-2019-11050: Fixed multipl...
openSUSE: Security Advisory for php7 (openSUSE-SU-2020:0080_1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
PHP 7.3.x < 7.3.13 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is prior to 7.2.26, 7.3.x prior to 7.3.13, or 7.4.x prior to 7.4.1. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to imprope...
openSUSE Security Update : php7 (openSUSE-2020-80)
This update for php7 fixes the following issues : - CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class bsc1159923. - CVE-2019-11046: Fixed an information leak in bcshiftaddsub bsc1159924. - CVE-2019-11047, CVE-2019-11050: Fixed...
OPENSUSE-SU-2020:0080-1 Security update for php7
This update for php7 fixes the following issues: - CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class bsc1159923. - CVE-2019-11046: Fixed an information leak in bcshiftaddsub bsc1159924. - CVE-2019-11047, CVE-2019-11050: Fixed...
Ubuntu: Security Advisory (USN-4239-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : PHP vulnerabilities (USN-4239-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4239-1 advisory. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This...
USN-4239-1 php5, php7.0, php7.2, php7.3 vulnerabilities
It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS, 19.04 and 19.10. CVE-2019-11045 It was discovered that PHP incorrectly handled certain inputs. An...