Lucene search
K

26 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.38 views

Mageia: Security Advisory (MGASA-2020-0148)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.2AI score0.04764EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/08/11 12:0 a.m.43 views

openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...

9.8CVSS7.2AI score0.9947EPSS
Exploits96References7
Tenable Nessus
Tenable Nessus
added 2021/07/31 12:0 a.m.86 views

openSUSE 15 Security Update : php7 (openSUSE-SU-2021:2575-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2575-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...

9.8CVSS7.1AI score0.9947EPSS
Exploits96References4
AlmaLinux
AlmaLinux
added 2020/09/08 8:38 a.m.79 views

Moderate: php:7.3 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.3.20. BZ1856655 Security Fixes: php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer...

9.8CVSS9AI score0.08888EPSS
Exploits19References23
OSV
OSV
added 2020/09/08 8:38 a.m.46 views

ALSA-2020:3662 Moderate: php:7.3 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.3.20. BZ1856655 Security Fixes: php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer...

9.8CVSS8.7AI score0.08888EPSS
Exploits19References23
Tenable Nessus
Tenable Nessus
added 2020/07/09 12:0 a.m.53 views

Debian DSA-4719-1 : php7.3 - security update

Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or potentially the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this...

8.8CVSS6.8AI score0.06264EPSS
Exploits7References10
Debian
Debian
added 2020/07/06 9:23 p.m.83 views

[SECURITY] [DSA 4719-1] php7.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4719-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 06, 2020 https://www.debian.org/security/faq -...

8.8CVSS8AI score0.06264EPSS
Exploits7
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/29 4:46 p.m.37 views

Security Bulletin: IBM API Connect is impacted by vulnerabilities in PHP (CVE-2020-7066, CVE-2020-7065, CVE-2020-7064)

Summary IBM API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-7066 DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by an issue when the getheaders silently truncates anything after a null byte in the URL it uses. ...

8.8CVSS1.6AI score0.04764EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/05/15 12:0 a.m.80 views

Amazon Linux AMI : php73 (ALAS-2020-1368)

The version of php73 installed on the remote host is prior to 7.3.17-1.25. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1368 advisory. In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while parsing EXIF data with exifreaddata...

8.8CVSS7.3AI score0.04764EPSS
Exploits4References9
Amazon
Amazon
added 2020/05/13 12:0 a.m.102 views

Medium: php73

Issue Overview: In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while parsing EXIF data with exifreaddata function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash...

8.8CVSS7.4AI score0.04764EPSS
Exploits4
OpenVAS
OpenVAS
added 2020/05/07 12:0 a.m.57 views

Ubuntu: Security Advisory (USN-4330-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.1AI score0.04764EPSS
Exploits3References2
OSV
OSV
added 2020/05/06 12:5 p.m.2 views

USN-4330-2 php7.4 vulnerabilities

USN-4330-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash...

8.8CVSS6.9AI score0.04764EPSS
Exploits3References4
Check Point Advisories
Check Point Advisories
added 2020/04/16 12:0 a.m.20 views

PHP mb_strtolower Stack Buffer Overflow (CVE-2020-7065)

A stack buffer overflow vulnerability exists in PHP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.2AI score0.04764EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2020/04/03 2:11 p.m.50 views

CVE-2020-7065

A vulnerability was found in PHP while using the mbstrtolower function with UTF-32LE encoding, where certain invalid strings cause PHP to overwrite the stack-allocated buffer. This flaw leads to memory corruption, crashes, and potential code execution...

8.8CVSS3.3AI score0.04764EPSS
Exploits1References5
Hacker One
Hacker One
added 2020/04/03 12:14 p.m.134 views

Internet Bug Bounty: mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full (CVE-2020-7065)

PHP bug report made public by the maintainers at the time of writing: https://bugs.php.net/bug.php?id=79371 Mitre CVE page: https://vulners.com/cve/CVE-2020-7065 Link to the release notes: https://www.php.net/ChangeLog-7.php7.4.4 Impact One of impacts is that the issue allows an attacker to...

6.8CVSS7.2AI score0.04764EPSS
Exploits1
Debian CVE
Debian CVE
added 2020/04/01 3:35 a.m.39 views

CVE-2020-7065

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mbstrtolower function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution...

8.8CVSS6.6AI score0.04764EPSS
Exploits1
CVE
CVE
added 2020/04/01 3:35 a.m.1030 views

CVE-2020-7065

CVE-2020-7065 concerns PHP mb_strtolower() with UTF-32LE encoding. Affects PHP 7.3.x below 7.3.16 and 7.4.x below 7.4.4; invalid strings can cause a stack-allocated buffer overrun, leading to memory corruption, crashes, and potential code execution. Publicly documented fixes appear in PHP 7.3.16+...

8.8CVSS8.2AI score0.04764EPSS
In wildExploits1References8Affected Software1
OpenVAS
OpenVAS
added 2020/03/29 12:0 a.m.52 views

Fedora: Security Advisory for php (FEDORA-2020-ce5a2a7403)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.3CVSS7.1AI score0.02767EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/03/27 12:0 a.m.62 views

GLSA-202003-57 : PHP: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-57 PHP: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly execute arbitrary shell commands,...

9.1CVSS7.5AI score0.9523EPSS
Exploits14References10
Tenable Nessus
Tenable Nessus
added 2020/03/27 12:0 a.m.177 views

PHP 7.3.x < 7.3.16 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.16. It is, therefore, affected by the following vulnerabilities: - An out of bounds read resulting in the use of an uninitialized value in exif. CVE-2020-7064 - A stack buffer overflow in mbstrtolow...

8.8CVSS7.2AI score0.04764EPSS
Exploits3References4
Rows per page
Query Builder