Lucene search
K

57 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 8 : php:7.4 (AXSA:2024-9405:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9405:01 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing...

9.8CVSS8AI score0.49336EPSS
Exploits13References12
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.9 views

TencentOS Server 3: php:8.2 (TSSA-2024:1122)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1122 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7.6AI score0.3786EPSS
Exploits5References7
Oracle linux
Oracle linux
added 2025/05/22 12:0 a.m.19 views

php security update

8.0.30-3 - Fix libxml streams use wrong content-type header when requesting a redirected resource CVE-2025-1219 - Fix Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes CVE-2025-1861 - Fix Streams HTTP...

6.3CVSS8.5AI score0.49336EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.10 views

RHEL 9 : php (RHSA-2025:7315)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7315 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...

8.2CVSS7.6AI score0.49336EPSS
Exploits10References23
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.24 views

Linux Distros Unpatched Vulnerability : CVE-2024-2756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cooki...

6.5CVSS7AI score0.3786EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.15 views

Azure Linux 3.0 Security Update: php (CVE-2024-2756)

The version of php installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2756 advisory. - Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and...

6.5CVSS7.2AI score0.49336EPSS
Exploits2References2
OSV
OSV
added 2025/02/04 5:59 p.m.7 views

CLSA-2025-1738691753 php: Fix of 2 CVEs

CVE-2024-2756: fix Host-/Secure- cookie bypass due to partial CVE-2022-31629 fix...

6.5CVSS6.8AI score0.49336EPSS
Exploits2References1
OSV
OSV
added 2024/12/25 9:21 p.m.9 views

CLSA-2024-1735161696 php: Fix of 3 CVEs

CVE-2024-2756: Fix issue introduced by incomplete fix of CVE-2022-31629 to prevent network and same-site attackers from setting insecure cookies in victim's browser - CVE-2024-3096: Fix issue where passwordverify incorrectly returns true when testing a blank string with password starting with a...

6.5CVSS6.8AI score0.49336EPSS
Exploits3References1
OSV
OSV
added 2024/12/19 4:19 a.m.35 views

RLSA-2024:10950 Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS6.8AI score0.3786EPSS
Exploits5References7
OSV
OSV
added 2024/12/19 4:19 a.m.26 views

RLSA-2024:10949 Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS6.8AI score0.3786EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.23 views

AlmaLinux 8 : php:7.4 (ALSA-2024:10952)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10952 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing erro...

9.8CVSS7.8AI score0.49336EPSS
Exploits13References13
Tenable Nessus
Tenable Nessus
added 2024/12/13 12:0 a.m.23 views

Oracle Linux 8 : php:7.4 (ELSA-2024-10952)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10952 advisory. - Fix cgi.forceredirect configuration is bypassable due to the environment variable collision CVE-2024-8927 - Fix Logs from childrens may be altered...

9.8CVSS7.7AI score0.49336EPSS
Exploits13References12
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.24 views

RHEL 9 : php:8.1 (RHSA-2024:10950)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10950 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...

7.5CVSS7.2AI score0.49336EPSS
Exploits7References15
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.20 views

RHEL 8 : php:7.4 (RHSA-2024:10952)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10952 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common...

9.8CVSS7.9AI score0.49336EPSS
Exploits13References26
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.23 views

RHEL 9 : php:8.2 (RHSA-2024:10949)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10949 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...

7.5CVSS7.2AI score0.49336EPSS
Exploits7References16
OSV
OSV
added 2024/12/11 12:0 a.m.23 views

ALSA-2024:10951 Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS6.7AI score0.49336EPSS
Exploits7References14
OSV
OSV
added 2024/08/30 11:8 a.m.7 views

OESA-2024-2061 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

6.5CVSS6.8AI score0.3786EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.44 views

CBL Mariner 2.0 Security Update: php (CVE-2024-2756)

The version of php installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2756 advisory. - Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and...

6.5CVSS7.1AI score0.49336EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/06/18 12:0 a.m.37 views

SUSE SLES15: apache2-mod_php7 / php7 / php7-bcmath / php7-bz2 / php7-calendar / etc (SUSE-SU-2024:2037-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2037-1 advisory. - CVE-2024-2756: Fixed bypass of security fix applied for CVE-2022-31629 that lead PHP to consider not secure cookies as secure...

6.5CVSS6.8AI score0.49336EPSS
Exploits4References10
OSV
OSV
added 2024/06/17 7:30 a.m.26 views

SUSE-SU-2024:2037-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2024-2756: Fixed bypass of security fix applied for CVE-2022-31629 that lead PHP to consider not secure cookies as secure bsc1222857 - CVE-2024-3096: Fixed bypass on null byte leading passwords checked via passwordverify bsc1222858 -...

6.5CVSS7AI score0.3786EPSS
Exploits2References7
Rows per page
Query Builder