MiracleLinux 4 : rh-php56-php-5.6.5-9.AXS4 (AXSA:2016-622:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-622:02 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in...

MiracleLinux 4 : php54-php-5.4.40-4.AXS4 (AXSA:2016-620:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-620:01 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in...

MiracleLinux 7 : php55-php-5.5.21-5.el7 (AXSA:2016-632:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-632:01 advisory. Security issues fixed with this release: CVE-2016-5385 PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore...

MiracleLinux 4 : php55-php-5.5.21-5.AXS4 (AXSA:2016-625:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-625:01 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in...

MiracleLinux 7 : rh-php56-php-5.6.5-9.el7 (AXSA:2016-623:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-623:03 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in...

MiracleLinux 7 : php-5.4.16-36.3.el7 (AXSA:2016-624:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-624:02 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in...

EUVD-2016-7216

Malware in sbrugna...

EUVD-2016-7217

Malware in sbrugna...

EUVD-2020-0227

Malware in sbrugna...

EUVD-2016-1054

Malware in sbrugna...

EUVD-2016-1053

Malware in sbrugna...

Erlang/OTP (Erlang OTP) Httpd CGI Scripts Environment Variable Pollution Vulnerability (Sep 2025, httpoxy) - Linux

Erlang/OTP Erlang OTP is prone to a Httpd CGI scripts environment variable pollution vulnerability in the inets component dubbed SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Erlang/OTP (Erlang OTP) Httpd CGI Scripts Environment Variable Pollution Vulnerability (Sep 2025, httpoxy) - Windows

Erlang/OTP Erlang OTP is prone to a Httpd CGI scripts environment variable pollution vulnerability in the inets component dubbed SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Linux Distros Unpatched Vulnerability : CVE-2016-1000109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted clie...

The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

...

Linux Distros Unpatched Vulnerability : CVE-2016-1000107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data...

Linux Distros Unpatched Vulnerability : CVE-2016-5388

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect...

Security Bulletin: IBM Concert Software is vulnerable to multiple issues

Summary IBM Concert Software uses multiple open source libraries which are susceptible to various security vulnerabilities. Vulnerability Details CVEID:CVE-2015-5739 DESCRIPTION: Go is vulnerable to HTTP request smuggling, caused by a flaw in net/http library in net/textproto/reader.go. By sendin...

Ubuntu 16.04 ESM : Apache Tomcat 7 vulnerabilities (USN-4791-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4791-1 advisory. It was discovered that Apache Tomcat 7 did not protect applications from the presence of untrusted client data in an environment variable. A remote...

Security Bulletin: Multiple vulnerabilities in Apache Tomcat affect SAN Volume Controller, Storwize family and FlashSystem V9000 products

Summary Vulnerabilities in the Apache Tomcat component affect the product's management GUI. The CLI interface is unaffected. The applicable CVEs are CVE-2016-5385 CVE-2016-5386 CVE-2016-5387 CVE-2016-5388. Vulnerability Details CVEID: CVE-2016-5385 DESCRIPTION: PHP could allow a remote attacker t...