31 matches found
TencentOS Server 3: php:7.4 (TSSA-2026:0172)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0172 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
MiracleLinux 7 : php-5.4.16-48.0.5.el7.AXS7 (AXSA:2025-9709:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9709:01 advisory. CVE-2024-8929: fix various heap buffer over-reads CVEs: CVE-2024-8929 In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, a hostile...
Fedora: Security Advisory (FEDORA-2024-3891a08c9e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
php security update
8.0.30-3 - Fix libxml streams use wrong content-type header when requesting a redirected resource CVE-2025-1219 - Fix Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes CVE-2025-1861 - Fix Streams HTTP...
Moderate: php:8.2 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...
RHEL 9 : php (RHSA-2025:7315)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7315 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...
RHEL 9 : php:8.1 (RHSA-2025:4263)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4263 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap...
Linux Distros Unpatched Vulnerability : CVE-2024-8929
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap...
Azure Linux 3.0 Security Update: php (CVE-2024-8929)
The version of php installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8929 advisory. - In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, a hostile MySQL server can cause the...
K000149655: PHP vulnerabilities CVE-2024-11236, CVE-2024-8929, CVE-2024-8932
Security Advisory Description CVE-2024-11236 In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescape function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write. CVE-2024-8929 In PHP versions 8.1...
CLSA-2025-1738696117 php: Fix of CVE-2024-8929
CVE-2024-8929: fix various heap buffer over-reads for mysqlnd - Modify spec and run-tests.php to fix extension loading during testing...
USN-7157-3: PHP vulnerabilities
USN-7157-1 fixed vulnerabilities in PHP versions 7.4, 8.1, and 8.3. This update provides the corresponding updates for PHP version 7.0. Original advisory details: It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters. An attacker...
CVE-2024-8929 affecting package php for versions less than 8.3.14-1
CVE-2024-8929 affecting package php for versions less than 8.3.14-1. An upgraded version of the package is available that resolves this issue...
SUSE SLES15 / openSUSE 15 Security Update : php8 (SUSE-SU-2024:4136-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4136-1 advisory. - CVE-2024-11233: Single byte overread with convert.quoted-printable-decode filter bsc1233702. - CVE-2024-11234:...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : PHP vulnerabilities (USN-7157-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7157-1 advisory. It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters...
SUSE SLES15: apache2-mod_php7 / php7 / php7-bcmath / php7-bz2 / php7-calendar / etc (SUSE-SU-2024:4146-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4146-1 advisory. - CVE-2024-11233: Single byte overread with convert.quoted-printable-decode filter bsc1233702. - CVE-2024-11234:...
CBL Mariner 2.0 Security Update: php (CVE-2024-8929)
The version of php installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8929 advisory. - In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, a hostile MySQL server can cause the...
Debian: Security Advisory (DLA-3986-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-8929 affecting package php for versions less than 8.1.31-1
CVE-2024-8929 affecting package php for versions less than 8.1.31-1. An upgraded version of the package is available that resolves this issue...
openSUSE Security Advisory (SUSE-SU-2024:4215-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...