Lucene search
K

36 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2019-11047

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and...

6.5CVSS6.8AI score0.07473EPSS
Exploits1References2
Amazon
Amazon
added 2024/02/05 12:0 a.m.58 views

Important: php73

Issue Overview: A flaw was discovered in the link function in PHP. When compiled on Windows, it does not correctly handle paths containing NULL bytes. An attacker could abuse this flaw to bypass application checks on file paths. CVE-2019-11044 In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.1...

9.8CVSS8.1AI score0.08818EPSS
Exploits6
F5 Networks
F5 Networks
added 2023/02/21 6:49 p.m.54 views

K50301222: PHP EXIF extension vulnerabilities CVE-2019-11047 and CVE-2019-11050

Security Advisory Description CVE-2019-11047 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated...

6.5CVSS7AI score0.07624EPSS
Exploits2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2019-0412)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.6AI score0.08818EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.43 views

openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...

9.8CVSS7.2AI score0.9947EPSS
Exploits94References7
Tenable Nessus
Tenable Nessus
added 2021/07/31 12:0 a.m.85 views

openSUSE 15 Security Update : php7 (openSUSE-SU-2021:2575-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2575-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...

9.8CVSS7.1AI score0.9947EPSS
Exploits94References4
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.48 views

SUSE SLES11 Security Update : php53 (SUSE-SU-2020:14289-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14289-1 advisory. - In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and...

9.1CVSS7.4AI score0.08818EPSS
Exploits4References19
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2020:0267-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS8AI score0.08818EPSS
Exploits3References2
AlmaLinux
AlmaLinux
added 2020/09/08 8:38 a.m.78 views

Moderate: php:7.3 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.3.20. BZ1856655 Security Fixes: php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer...

9.8CVSS9AI score0.08888EPSS
Exploits19References23
OSV
OSV
added 2020/09/08 8:38 a.m.45 views

ALSA-2020:3662 Moderate: php:7.3 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.3.20. BZ1856655 Security Fixes: php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer...

9.8CVSS8.7AI score0.08888EPSS
Exploits19References23
OpenVAS
OpenVAS
added 2020/04/30 12:0 a.m.61 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1542)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.9AI score0.26373EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2020/04/01 12:0 a.m.47 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1350)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.08818EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2020/02/25 12:0 a.m.51 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1172)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.08818EPSS
Exploits7References2
Debian
Debian
added 2020/02/18 10:0 p.m.109 views

[SECURITY] [DSA 4628-1] php7.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4628-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 18, 2020 https://www.debian.org/security/faq -...

9.1CVSS8.7AI score0.08888EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2020/02/07 12:0 a.m.47 views

SUSE SLES12 Security Update : php7 (SUSE-SU-2020:0352-1)

This update for php7 fixes the following issues : CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class bsc1159923. CVE-2019-11046: Fixed an information leak in bcshiftaddsub bsc1159924. CVE-2019-11047, CVE-2019-11050: Fixed multiple...

6.5CVSS6.8AI score0.08818EPSS
Exploits3References13
Amazon
Amazon
added 2020/02/04 12:0 a.m.137 views

Medium: php72, php73

Issue Overview: In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is...

9.8CVSS7.6AI score0.08818EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2020/01/31 12:0 a.m.49 views

SUSE SLES12 Security Update : php72 (SUSE-SU-2020:0267-1)

This update for php72 fixes the following issues : CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class bsc1159923. CVE-2019-11046: Fixed an information leak in bcshiftaddsub bsc1159924. CVE-2019-11047, CVE-2019-11050: Fixed multipl...

6.5CVSS6.8AI score0.08818EPSS
Exploits3References13
OpenVAS
OpenVAS
added 2020/01/27 12:0 a.m.43 views

openSUSE: Security Advisory for php7 (openSUSE-SU-2020:0080_1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS7AI score0.08818EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2020/01/24 12:0 a.m.55 views

PHP 7.3.x < 7.3.13 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.26, 7.3.x prior to 7.3.13, or 7.4.x prior to 7.4.1. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to imprope...

9.8CVSS7.7AI score0.08818EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2020/01/21 12:0 a.m.59 views

openSUSE Security Update : php7 (openSUSE-2020-80)

This update for php7 fixes the following issues : - CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class bsc1159923. - CVE-2019-11046: Fixed an information leak in bcshiftaddsub bsc1159924. - CVE-2019-11047, CVE-2019-11050: Fixed...

6.5CVSS6.8AI score0.08818EPSS
Exploits3References8
Rows per page
Query Builder