Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 4: openssl (TSSA-2024:0914)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0914 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS7AI score0.01158EPSS
Exploits1References4
Amazon
Amazon
added 2024/08/15 12:0 a.m.5 views

Medium: php8.2

Issue Overview: The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/138...

5.9CVSS7.2AI score0.12117EPSS
Exploits2
Amazon
Amazon
added 2024/08/15 12:0 a.m.7 views

Medium: php8.2

Issue Overview: The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/138...

5.9CVSS7.3AI score0.12117EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/08/06 12:0 a.m.31 views

Amazon Linux 2023 : php8.2, php8.2-bcmath, php8.2-cli (ALAS2023-2024-678)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-678 advisory. The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that...

5.9CVSS7.3AI score0.12117EPSS
Exploits2References6
Amazon
Amazon
added 2024/07/22 12:0 a.m.25 views

Medium: php8.1

Issue Overview: The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/138...

5.9CVSS7.3AI score0.12117EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.54 views

Amazon Linux 2023 : php8.1, php8.1-bcmath, php8.1-cli (ALAS2023-2024-654)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-654 advisory. The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that...

5.9CVSS7.3AI score0.12117EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.36 views

CBL Mariner 2.0 Security Update: php (CVE-2024-2408)

The version of php installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2408 advisory. - The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, i...

5.9CVSS7.1AI score0.01158EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2024/07/02 11:30 p.m.11 views

CVE-2024-2408 affecting package php for versions less than 8.3.8-1

CVE-2024-2408 affecting package php for versions less than 8.3.8-1. An upgraded version of the package is available that resolves this issue...

5.9CVSS6.9AI score0.01158EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/06/10 12:0 a.m.99 views

PHP < 8.1.29, 8.2.x < 8.2.20, 8.3.x < 8.3.8 Multiple Vulnerabilities - Active Check

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.114652"...

9.8CVSS7AI score0.99987EPSS
Exploits67References18
Wolfi
Wolfi
added 2024/06/09 8:15 p.m.49 views

CVE-2024-2408 vulnerabilities

Vulnerabilities for packages: php...

5.9CVSS7.5AI score0.01158EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2024/06/09 8:15 p.m.31 views

CVE-2024-2408

The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...

5.9CVSS6.4AI score0.01158EPSS
Exploits1References5
OSV
OSV
added 2024/06/09 7:55 p.m.26 views

CVE-2024-2408 PHP is vulnerable to the Marvin Attack

The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...

5.9CVSS6.5AI score0.01158EPSS
Exploits1References7
Cvelist
Cvelist
added 2024/06/09 7:55 p.m.520 views

CVE-2024-2408 PHP is vulnerable to the Marvin Attack

The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...

0.01158EPSS
Exploits1References3
Rows per page
Query Builder