494 matches found
openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...
MiracleLinux 3 : gnutls-1.4.1-3.5.1AXS3 (AXSA:2009-384:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-384:01 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the...
MiracleLinux 8 : openssh-8.0p1-27.el8_10 (AXSA:2025-11617:08)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11617:08 advisory. openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61984 openssh: OpenSSH: Null character in...
MiracleLinux 9 : php:8.3 (AXSA:2025-11640:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11640:01 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML...
CLSA-2026-1767627828 openssh: Fix of CVE-2025-61985
CVE-2025-61985: potential code execution using the ‘\0’ character in an ssh:// URI, when a ProxyCommand is used...
CLSA-2026-1767627264 openssh: Fix of CVE-2025-61985
CVE-2025-61985: potential code execution using the ‘\0’ character in an ssh:// URI, when a ProxyCommand is used...
AlmaLinux 9 : php:8.3 (ALSA-2025:23309)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23309 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...
AlmaLinux 8 : openssh (ALSA-2025:23481)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23481 advisory. openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61984 openssh: OpenSSH: Null character in ssh:// U...
php:8.3 security update
An update is available for module.php-pecl-redis6, module.php, php-pecl-redis6, module.php-pecl-apcu, php-pecl-rrd, php-pecl-zip, php, module.php-pecl-zip, module.php-pecl-rrd, php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-xdebug3. This update affects Rocky Linux 9. A Common Vulnerability...
php: PHP Hostname Null Character Vulnerability
A flaw was found in PHP. The fsockopen function and related functions fail to validate NULL characters within the provided hostname, potentially leading to unexpected behavior during parsing. This flaw allows a network attacker to supply a specially crafted hostname. This issue can result in a...
Moderate: Red Hat Security Advisory: php:8.3 security update
An update for the php:8.3 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 9 : php:8.3 (RHSA-2025:23309)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23309 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check f...
openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...
openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...
openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...
RHEL 8 : openssh (RHSA-2025:23481)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23481 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...
ALSA-2025:23479 Moderate: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand...
ALSA-2025:23309 Moderate: php:8.3 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix CVE-2025-6491 php: PHP Hostname Nul...
CVE-2025-14549 OMR on Z processors Exposing a possible buffer over-read problem
In the Eclipse OMR compiler component, since release 0.7.0, an optimization enabled for Eclipse OpenJ9 consumers of OMR on Z processors incorrectly handles NUL 0x00 characters during the Latin-compatible charset UTF-8, ISO8859-1, ASCII, etc to IBM-1047/037 translation sequence. This can cause the...
Eclipse OMR 缓冲区错误漏洞
Eclipse OMR is an open source toolkit from the Eclipse Foundation for building language runtime environments. A buffer error vulnerability exists in Eclipse OMR versions prior to 0.8.0, which stems from the incorrect handling of NUL characters during the character conversion process, and may resu...