Lucene search
+L

19 matches found

nessus
nessus
added 2021/08/11 12:0 a.m.43 views

openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...

9.8CVSS7.2AI score0.9947EPSS
Exploits97References7
nessus
nessus
added 2021/07/31 12:0 a.m.86 views

openSUSE 15 Security Update : php7 (openSUSE-SU-2021:2575-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2575-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...

9.8CVSS7.1AI score0.9947EPSS
Exploits97References4
ibm
ibm
added 2020/05/11 5:36 p.m.52 views

Security Bulletin: IBM API Connect is vulnerable to vulnerabilities in PHP (CVE-2020-7061, CVE-2020-7062, CVE-2020-7063)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-7061 DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by an error while extracting PHAR files on Windows using phar extension. An attacker could exploit...

9.1CVSS0.5AI score0.04075EPSS
Exploits3Affected Software1
nessus
nessus
added 2020/03/27 12:0 a.m.62 views

GLSA-202003-57 : PHP: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-57 PHP: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly execute arbitrary shell commands,...

9.1CVSS7.5AI score0.9523EPSS
Exploits14References10
nessus
nessus
added 2020/03/16 12:0 a.m.48 views

Amazon Linux AMI : php72 (ALAS-2020-1350)

The version of php72 installed on the remote host is prior to 7.2.28-1.21. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1350 advisory. In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension,...

9.1CVSS7.2AI score0.04075EPSS
Exploits3References7
nessus
nessus
added 2020/03/16 12:0 a.m.55 views

Amazon Linux AMI : php73 (ALAS-2020-1351)

The version of php73 installed on the remote host is prior to 7.3.15-1.24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1351 advisory. In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension,...

9.1CVSS7.2AI score0.04075EPSS
Exploits3References7
amazon
amazon
added 2020/03/09 12:0 a.m.116 views

Medium: php73

Issue Overview: In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash...

9.1CVSS7.7AI score0.04075EPSS
Exploits3
mageia
mageia
added 2020/03/06 4:13 p.m.79 views

Updated php packages fix bugs and security vulnerabilities

Updated php packages fix bugs and security vulnerabilities: Core: - Fixed bug 71876 Memory corruption htmlspecialchars: charset ' not supported. - Fixed bug 79146 cscript can fail to run on some systems. - Fixed bug 78323 Code 0 is returned on invalid options. - Fixed bug 76047 Use-after-free...

9.1CVSS8.3AI score0.04075EPSS
Exploits3References2
nessus
nessus
added 2020/02/28 12:0 a.m.63 views

PHP 7.2.x < 7.2.28 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.28, 7.3.x prior to 7.3.15, or 7.4.x prior to 7.4.3. It is, therefore, affected by multiple vulnerabilities: - A heap buffer overflow exists in pharextractfile. CVE-2020-7061 - A null pointer dereference...

9.1CVSS8.2AI score0.04075EPSS
Exploits3References5
nessus
nessus
added 2020/02/28 12:0 a.m.82 views

PHP 7.3.x < 7.3.15 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.28, 7.3.x prior to 7.3.15, or 7.4.x prior to 7.4.3. It is, therefore, affected by multiple vulnerabilities: - A heap buffer overflow exists in pharextractfile. CVE-2020-7061 - A null pointer dereference...

9.1CVSS8.2AI score0.04075EPSS
Exploits3References5
nessus
nessus
added 2020/02/28 12:0 a.m.156 views

PHP 7.2.x < 7.2.28 / PHP 7.3.x < 7.3.15 / 7.4.x < 7.4.3 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is either 7.2.x prior to 7.2.28, 7.3.x prior to 7.3.15, or 7.4.x prior to 7.4.3. It is, therefore, affected by multiple vulnerabilities: - A heap-based buffer overflow condition exists in pharextractfile function due to...

9.1CVSS7.9AI score0.04075EPSS
Exploits3References6
nessus
nessus
added 2020/02/28 12:0 a.m.51 views

Fedora 31 : php (2020-32f9a2b308)

PHP version 7.3.15 20 Feb 2020 Core: - Fixed bug php71876 Memory corruption htmlspecialchars: charset ' not supported. Nikita - Fixed bug php79146 cscript can fail to run on some systems. clarodeus - Fixed bug php78323 Code 0 is returned on invalid options. Ivan Mikheykin - Fixed bug php76047...

9.1CVSS7.2AI score0.04075EPSS
Exploits3References4
openvas
openvas
added 2020/02/28 12:0 a.m.44 views

Fedora: Security Advisory for php (FEDORA-2020-32f9a2b308)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS7.4AI score0.04075EPSS
Exploits3References2
ubuntucve
ubuntucve
added 2020/02/27 9:15 p.m.43 views

CVE-2020-7061

In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash...

9.1CVSS7.1AI score0.04075EPSS
Exploits1References2
cve
cve
added 2020/02/27 8:25 p.m.531 views

CVE-2020-7061

CVE-2020-7061 is a PHP issue: when PHP 7.3.x below 7.3.15 and 7.4.x below 7.4.3 extract PHAR files on Windows using the phar extension, one byte could read past the allocated buffer, potentially enabling information disclosure or a crash. Public documentation consistently ties this to PHAR extrac...

9.1CVSS7.4AI score0.04075EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2020/02/27 8:25 p.m.27 views

CVE-2020-7061 heap-buffer-overflow in phar_extract_file

In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash...

6.5CVSS8.8AI score0.04075EPSS
Exploits1References3
altlinux
altlinux
added 2020/02/27 12:0 a.m.94 views

Security fix for the ALT Linux 9 package php7 version 7.3.15-alt1

7.3.15-alt1 built Feb. 27, 2020 Anton Farygin in task 246728 Feb. 20, 2020 Anton Farygin - 7.3.15 Fixes: CVE-2020-7063, CVE-2020-7062, CVE-2020-7061...

6.4CVSS7.4AI score0.04075EPSS
Exploits3
altlinux
altlinux
added 2020/02/20 12:0 a.m.40 views

Security fix for the ALT Linux 10 package php8.0 version 7.3.15-alt1

Feb. 20, 2020 Anton Farygin 7.3.15-alt1 - 7.3.15 Fixes: CVE-2020-7063, CVE-2020-7062, CVE-2020-7061...

6.4CVSS9.1AI score0.04075EPSS
Exploits3
altlinux
altlinux
added 2020/02/20 12:0 a.m.74 views

Security fix for the ALT Linux 10 package php8.1 version 7.3.15-alt1

Feb. 20, 2020 Anton Farygin 7.3.15-alt1 - 7.3.15 Fixes: CVE-2020-7063, CVE-2020-7062, CVE-2020-7061...

6.4CVSS9.1AI score0.04075EPSS
Exploits3
Rows per page
Query Builder