493 matches found
Moderate: Red Hat Security Advisory: openssh security update
An update for openssh is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 9 : openssh (RHSA-2026:1815)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1815 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...
openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...
Moderate: Red Hat Security Advisory: openssh security update
An update for openssh is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
MiracleLinux 8 : php:8.2 (AXSA:2026-124:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-124:01 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML...
php:8.2 security update
An update is available for module.php, module.php-pear, module.php-pecl-apcu, php-pecl-rrd, module.php-pecl-xdebug3, php, php-pear, php-pecl-zip, module.php-pecl-zip, module.php-pecl-rrd, php-pecl-apcu, php-pecl-xdebug3, module.libzip, libzip. This update affects Rocky Linux 8. A Common...
RLSA-2026:1412 Important: php:8.2 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix CVE-2025-6491 php: PHP Hostname Nul...
php: PHP Hostname Null Character Vulnerability
A flaw was found in PHP. The fsockopen function and related functions fail to validate NULL characters within the provided hostname, potentially leading to unexpected behavior during parsing. This flaw allows a network attacker to supply a specially crafted hostname. This issue can result in a...
php: PHP Hostname Null Character Vulnerability
A flaw was found in PHP. The fsockopen function and related functions fail to validate NULL characters within the provided hostname, potentially leading to unexpected behavior during parsing. This flaw allows a network attacker to supply a specially crafted hostname. This issue can result in a...
Astra Linux – Vulnerability in OpenSSH
Using SSH in OpenSSH before version 10.1 allows for the use of the '\0' character in an SSH URI. This could potentially lead to code execution when a ProxyCommand is used...
Important: php:8.2 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix CVE-2025-6491 php: PHP Hostname Nul...
ALSA-2026:1412 Important: php:8.2 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix CVE-2025-6491 php: PHP Hostname Nul...
ALSA-2026:1409 Important: php:8.2 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix CVE-2025-6491 php: PHP Hostname Nul...
openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...
RHEL 9 : openssh (RHSA-2026:0976)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0976 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...
MiracleLinux 9 : java-11-openjdk-11.0.19.0.7-1.el9 (AXSA:2023-5305:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5305:07 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...
MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.372.b07-1.el7 (AXSA:2023-5312:06)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5312:06 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...
MiracleLinux 9 : java-17-openjdk-17.0.7.0.7-1.el9 (AXSA:2023-5309:06)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5309:06 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...
MiracleLinux 7 : java-11-openjdk-11.0.19.0.7-1.el7 (AXSA:2023-5304:06)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5304:06 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...
openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...