Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2018/11/26 12:0 a.m.51 views

Debian DLA-1593-1 : phpbb3 security update

Simon Scannell and Robin Peraglie of RIPS Technologies discovered that passing an absolute path to a fileexists check in phpBB, a full featured web forum, allows remote code execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel...

7.2CVSS7.8AI score0.05201EPSS
Exploits1References3
Debian
Debian
added 2018/11/24 5:31 p.m.253 views

[SECURITY] [DLA 1593-1] phpbb3 security update

Package : phpbb3 Version : 3.0.12-5+deb8u2 CVE ID : CVE-2018-19274 Simon Scannell and Robin Peraglie of RIPS Technologies discovered that passing an absolute path to a fileexists check in phpBB, a full featured web forum, allows remote code execution through Object Injection by employing Phar...

7.2CVSS7.3AI score0.05201EPSS
Exploits1
OSV
OSV
added 2014/07/08 10:44 p.m.15 views

MGASA-2014-0288 Updated gd and libgd packages fix security vulnerability

The gdImageCreateFromXpm function in gdxpm.c in the gd image library allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table in an XPM file CVE-2014-2497...

4.3CVSS8.9AI score0.22319EPSS
Exploits3References3
Mageia
Mageia
added 2014/07/08 10:29 p.m.81 views

Updated php packages fix multiple vulnerabilities

Updated php packages fix security vulnerabilities: The unserialize function in PHP before 5.4.30 and 5.5.14 has a Type Confusion issue related to the SPL ArrayObject and SPLObjectStorage Types CVE-2014-3515. It was discovered that PHP is vulnerable to a heap-based buffer overflow in the DNS TXT...

7.5CVSS9.5AI score0.30128EPSS
Exploits9References3
OSV
OSV
added 2014/07/08 10:29 p.m.28 views

MGASA-2014-0283 Updated php packages fix multiple vulnerabilities

Updated php packages fix security vulnerabilities: The unserialize function in PHP before 5.4.30 and 5.5.14 has a Type Confusion issue related to the SPL ArrayObject and SPLObjectStorage Types CVE-2014-3515. It was discovered that PHP is vulnerable to a heap-based buffer overflow in the DNS TXT...

7.5CVSS8.6AI score0.30128EPSS
Exploits9References4
Rows per page
Query Builder