Lucene search
+L

35 matches found

nessus
nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 8 : php:7.4 (AXSA:2024-9405:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9405:01 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing...

9.8CVSS8AI score0.49336EPSS
Exploits13References12
oraclelinux
oraclelinux
added 2025/05/22 12:0 a.m.19 views

php security update

8.0.30-3 - Fix libxml streams use wrong content-type header when requesting a redirected resource CVE-2025-1219 - Fix Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes CVE-2025-1861 - Fix Streams HTTP...

6.3CVSS8.5AI score0.49336EPSS
Exploits12
nessus
nessus
added 2025/05/13 12:0 a.m.10 views

RHEL 9 : php (RHSA-2025:7315)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7315 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...

8.2CVSS7.6AI score0.49336EPSS
Exploits10References23
susecve
susecve
added 2025/02/14 5:37 a.m.4 views

SUSE CVE-2024-9026

In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using PHP-FPM SAPI and it is configured to catch workers output through catchworkersoutput = yes, it may be possible to pollute the final log or remove up to 4 characters from the log messages by manipulating log...

3.3CVSS6.5AI score0.00483EPSS
Exploits1References13
nessus
nessus
added 2025/02/10 12:0 a.m.11 views

Azure Linux 3.0 Security Update: php (CVE-2024-9026)

The version of php installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-9026 advisory. - In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using PHP-FPM SAPI and it is...

3.3CVSS6.9AI score0.00483EPSS
Exploits1References2
osv
osv
added 2024/12/19 4:19 a.m.26 views

RLSA-2024:10949 Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS6.8AI score0.3786EPSS
Exploits5References7
osv
osv
added 2024/12/19 4:19 a.m.35 views

RLSA-2024:10950 Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS6.8AI score0.3786EPSS
Exploits5References7
nessus
nessus
added 2024/12/19 12:0 a.m.23 views

AlmaLinux 8 : php:7.4 (ALSA-2024:10952)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10952 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing erro...

9.8CVSS7.8AI score0.49336EPSS
Exploits13References13
nessus
nessus
added 2024/12/13 12:0 a.m.23 views

Oracle Linux 8 : php:7.4 (ELSA-2024-10952)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10952 advisory. - Fix cgi.forceredirect configuration is bypassable due to the environment variable collision CVE-2024-8927 - Fix Logs from childrens may be altered...

9.8CVSS7.7AI score0.49336EPSS
Exploits13References12
nessus
nessus
added 2024/12/11 12:0 a.m.20 views

RHEL 8 : php:7.4 (RHSA-2024:10952)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10952 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common...

9.8CVSS7.9AI score0.49336EPSS
Exploits13References26
osv
osv
added 2024/12/11 12:0 a.m.23 views

ALSA-2024:10951 Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS6.7AI score0.49336EPSS
Exploits7References14
nessus
nessus
added 2024/12/11 12:0 a.m.24 views

RHEL 9 : php:8.1 (RHSA-2024:10950)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10950 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...

7.5CVSS7.2AI score0.49336EPSS
Exploits7References15
nessus
nessus
added 2024/12/11 12:0 a.m.23 views

RHEL 9 : php:8.2 (RHSA-2024:10949)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10949 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...

7.5CVSS7.2AI score0.49336EPSS
Exploits7References16
cbl_mariner
cbl_mariner
added 2024/11/08 9:38 p.m.18 views

CVE-2024-9026 affecting package php for versions less than 8.3.12-1

CVE-2024-9026 affecting package php for versions less than 8.3.12-1. An upgraded version of the package is available that resolves this issue...

3.3CVSS6.9AI score0.00483EPSS
Exploits1
nessus
nessus
added 2024/11/02 12:0 a.m.14 views

CBL Mariner 2.0 Security Update: php (CVE-2024-9026)

The version of php installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-9026 advisory. - In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using PHP-FPM SAPI and it is...

3.3CVSS6.9AI score0.00483EPSS
Exploits1References2
cbl_mariner
cbl_mariner
added 2024/11/01 4:41 p.m.23 views

CVE-2024-9026 affecting package php for versions less than 8.1.30-1

CVE-2024-9026 affecting package php for versions less than 8.1.30-1. An upgraded version of the package is available that resolves this issue...

3.3CVSS6.9AI score0.00483EPSS
Exploits1
nessus
nessus
added 2024/10/23 12:0 a.m.23 views

Slackware Linux 15.0 php81 Multiple Vulnerabilities (SSA:2024-297-01)

The version of php81 installed on the remote host is prior to 8.1.30. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-297-01 advisory. New php81 packages are available for Slackware 15.0 to fix security issues. Tenable has extracted the preceding description...

9.8CVSS7.6AI score0.99987EPSS
Exploits68References6
nessus
nessus
added 2024/10/19 12:0 a.m.26 views

SUSE SLES15: apache2-mod_php7 / php7 / php7-bcmath / php7-bz2 / php7-calendar / etc (SUSE-SU-2024:3733-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3733-1 advisory. - CVE-2024-8925: Fixed erroneous parsing of multipart form data in HTTP POST requests leads to legitimate data not...

7.5CVSS6.7AI score0.01054EPSS
Exploits3References10
openvas
openvas
added 2024/10/19 12:0 a.m.19 views

openSUSE Security Advisory (SUSE-SU-2024:3729-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.01054EPSS
Exploits3References6
openvas
openvas
added 2024/10/19 12:0 a.m.23 views

openSUSE Security Advisory (SUSE-SU-2024:3733-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.01054EPSS
Exploits3References6
Rows per page
Query Builder