Mageia: Security Advisory (MGASA-2024-0375)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5717-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-5424-1 : php7.4 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5424 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The...

Debian DSA-5425-1 : php8.2 - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5425 advisory. It was discovered that PHP's implementation of SOAP HTTP Digest authentication performed insufficient error validation, which may result in a stack information leak or use...

Debian: Security Advisory (DLA-94-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2014-9705

Heap-based buffer overflow in the enchantbrokerrequestdict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries...

CentOS 8 : php:8.0 (CESA-2022:7624)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7624 advisory. - php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 - php: Uninitialized array in pgqueryparams leading to RCE CVE-2022-31625...

SUSE SLES15 Security Update : php7 (SUSE-SU-2022:1768-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1768-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc...

SUSE SLES12 Security Update : php7 (SUSE-SU-2022:1764-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1764-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc...

SUSE SLES12 Security Update : php72 (SUSE-SU-2022:1714-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1714-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc...

new packages: python-enchant

An update is available for python-enchant. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

new packages: enchant

An update is available for enchant. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...

Fedora 30 : php (2020-ce5a2a7403)

PHP version 7.3.16 19 Mar 2020 Core: - Fixed bug php63206 restoreerrorhandler does not restore previous errors mask. Mark Plomer DOM: - Fixed bug php77569: Write Access Violation in DomImplementation. Nikita, cmb - Fixed bug php79271 DOMDocumentType::$childNodes is NULL. cmb Enchant: - Fixed bug...

Fedora 31 : php (2020-0bf228857a)

PHP version 7.3.16 19 Mar 2020 Core: - Fixed bug php63206 restoreerrorhandler does not restore previous errors mask. Mark Plomer DOM: - Fixed bug php77569: Write Access Violation in DomImplementation. Nikita, cmb - Fixed bug php79271 DOMDocumentType::$childNodes is NULL. cmb Enchant: - Fixed bug...

Integer Overflow

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. CVE-2015-4024 An uninitialized pointer use flaw was found ...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...

Use-After-Free

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

Out-Of-Bounds Read

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

SUSE SLES12 Security Update : php5 (SUSE-SU-2015:0868-1)

PHP was updated to fix ten security issues. The following vulnerabilities were fixed : - CVE-2014-9709: A specially crafted GIF file could cause a buffer read overflow in php-gd bnc923946 - CVE-2015-2301: Memory was use after it was freed in PHAR bnc922022 - CVE-2015-2305: heap overflow...

Security update for webkit2gtk3 (important)

This update for webkit2gtk3 fixes the following issues: Update to version 2.18.5: + Disable SharedArrayBuffers from Web API. + Reduce the precision of "high" resolution time to 1ms. + bsc1075419 - Security fixes: includes improvements to mitigate the effects of Spectre and Meltdown CVE-2017-5753...