Lucene search
K

380 matches found

Amazon
Amazon
added 2013/12/17 12:0 a.m.79 views

Critical: php

Issue Overview: The asn1timetotimet function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse 1 notBefore and 2 notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of...

7.5CVSS8.2AI score0.35635EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2013/07/23 12:0 a.m.33 views

Fedora 17 : php-5.4.17-2.fc17 (2013-12354)

04 Jul 2013, PHP 5.4.17 Core : - Fixed bug 64988 Class loading order affects ESTRICT warning. Laruence - Fixed bug 64966 segfault in zenddofcallcommonhelperSPEC. Laruence - Fixed bug 64960 Segfault in gczvalpossibleroot. Laruence - Fixed bug 64936 doc comments picked up from previous scanner run...

6.8CVSS8.6AI score0.05186EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/07/23 12:0 a.m.51 views

Fedora 18 : php-5.4.17-2.fc18 (2013-12315)

04 Jul 2013, PHP 5.4.17 Core : - Fixed bug 64988 Class loading order affects ESTRICT warning. Laruence - Fixed bug 64966 segfault in zenddofcallcommonhelperSPEC. Laruence - Fixed bug 64960 Segfault in gczvalpossibleroot. Laruence - Fixed bug 64936 doc comments picked up from previous scanner run...

6.8CVSS8.6AI score0.05186EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2013/02/27 12:0 a.m.64 views

php security, bug fix and enhancement update

5.3.3-22 - php-xml provides php-xmlreader and php-xmlwriter 874987 - fix possible NULL derefence and buffer overflow 879179 - fix zend garbage collector 848186, 868375 5.3.3-21 - fix CVE reference in previous changelog entry 5.3.3-20 - remove reproducer from security fix for CVE-2012-0781 5.3.3-1...

10CVSS0.1AI score0.10768EPSS
Exploits7
NVD
NVD
added 2012/06/29 5:55 p.m.13 views

CVE-2012-3818

The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...

2.1CVSS6.2AI score0.00329EPSS
Exploits0References2
OSV
OSV
added 2012/06/29 5:55 p.m.6 views

CVE-2012-3818

The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...

6.5AI score
Exploits0References2
OSV
OSV
added 2012/06/29 5:55 p.m.4 views

DEBIAN-CVE-2012-3818

The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...

2.1CVSS6.5AI score0.00329EPSS
Exploits0References1
OSV
OSV
added 2012/06/29 5:55 p.m.13 views

UBUNTU-CVE-2012-3818

The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...

2.1CVSS5.8AI score0.00329EPSS
Exploits0References4
Prion
Prion
added 2012/06/29 5:55 p.m.16 views

Information disclosure

The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...

2.1CVSS6.7AI score0.00329EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2012/06/29 5:55 p.m.24 views

CVE-2012-3818

The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...

2.1CVSS5.9AI score0.00329EPSS
Exploits0References3
CVE
CVE
added 2012/06/29 5:0 p.m.40 views

CVE-2012-3818

The CVE-2012-3818 issue affects the fpm exporter in Revelation (versions up to and including 0.4.13-2). The root cause is that the exporter encrypts the version number but leaves the password unencrypted when exporting a file, which could allow local users to obtain sensitive information. The con...

2.1CVSS6.4AI score0.00329EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2012/06/29 5:0 p.m.19 views

CVE-2012-3818

The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...

6.2AI score0.00329EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2012/06/29 5:0 p.m.30 views

CVE-2012-3818

The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...

2.1CVSS6AI score0.00329EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/05/07 12:0 a.m.36 views

Fedora 16 : maniadrive-1.2-32.fc16.3 / php-5.3.11-1.fc16 / php-eaccelerator-0.9.6.1-9.fc16.3 (2012-6907)

Upstream Security Enhancements : - Fixed bug 54374 Insufficient validating of upload name leading to corrupted $FILES indices. CVE-2012-1172. - Add openbasedir checks to readlinewritehistory and readlinereadhistory. - Fixed bug 61043 Regression in magicquotesgpc fix for CVE-2012-0831. Upstream...

6.8CVSS8.2AI score0.06709EPSS
Exploits4References8
ThreatPost
ThreatPost
added 2012/05/04 2:26 p.m.56 views

PHP Group Releases New Versions, But Patch Doesn't Fix CVE-2012-1823 Bug

UPDATE–The developers of PHP have released new versions of the scripting language to fix a remotely exploitable vulnerability announced earlier this week that enables an attacker to pass command-line arguments to the PHP binary. The flaw has been in the code for more than eight years and The PHP...

7.5CVSS9.8AI score0.99998EPSS
Exploits43References4
Tenable Nessus
Tenable Nessus
added 2011/03/18 12:0 a.m.53 views

PHP 5.3 < 5.3.6 String To Double Conversion DoS

Binary data 801082.prm...

7.5CVSS8.4AI score0.17881EPSS
Exploits24References15
Tenable Nessus
Tenable Nessus
added 2010/12/16 12:0 a.m.64 views

Mandriva Linux Security Advisory : php (MDVSA-2010:254)

This is a maintenance and security update that upgrades php to 5.3.4 for 2010.0/2010.1. Security Enhancements and Fixes in PHP 5.3.4 : - Paths with NULL in them foo\0bar.txt are now considered as invalid CVE-2006-7243. - Fixed bug 53512 NumberFormatter::setSymbol crash on bogus values CVE-2010-44...

6.8CVSS7.3AI score0.18878EPSS
Exploits16References6
OpenVAS
OpenVAS
added 2010/06/11 12:0 a.m.7 views

Mandriva Update for php MDVA-2010:163 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVA-2010:163 php Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

7.4AI score
Exploits0References2
OpenVAS
OpenVAS
added 2010/06/11 12:0 a.m.9 views

Mandriva Update for php MDVA-2010:163 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVA-2010:163 php Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

7.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/06/10 12:0 a.m.13 views

MDVA-2010:163 : php

This is a maintenance update that upgrades php to the latest upstream versions for CS4/MES5/2008.0/2009.0/2009.1/2010.0. Additionally some of the third party extensions and required dependencies has been upgraded. Corporate Server 4.0 with php-5.1.6 had the old Hardening-Patch 0.4.14 applied...

6.9AI score
Exploits0References1
Rows per page
Query Builder