CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Security Advisory Description CVE-2019-9024 An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpcdecode can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64decodexmlrpc in...

8.8CVSS8.2AI score0.2126EPSS

Exploits4

SUSE CVE•added 2023/02/15 6:15 a.m.•2 views

SUSE CVE-2006-3011

The errorlog function in basicfunctions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and openbasedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode...

4.6CVSS6.7AI score0.00438EPSS

Exploits2References4

SUSE CVE•added 2023/02/15 6:14 a.m.•1 views

SUSE CVE-2006-4625

PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safemode and openbasedir, via the inirestore function, which resets the values to their php.ini Master Value defaults...

3.6CVSS6.8AI score0.00367EPSS

Exploits2References4

SUSE CVE•added 2023/02/15 6:14 a.m.•2 views

SUSE CVE-2006-5706

Unspecified vulnerabilities in PHP, probably before 5.2.0, allow local users to bypass openbasedir restrictions and perform unspecified actions via unspecified vectors involving the 1 chdir and 2 tempnam functions. NOTE: the tempnam vector might overlap CVE-2006-1494...

7.2CVSS6.8AI score0.0005EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 6:13 a.m.•2 views

SUSE CVE-2006-6383

PHP 5.2.0 and 4.4 allows local users to bypass safemode and openbasedir restrictions via a malicious path and a null byte before a ";" in a sessionsavepath argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.savepath...

4.6CVSS6.7AI score0.00397EPSS

Exploits1References7

SUSE CVE•added 2023/02/15 6:12 a.m.•2 views

SUSE CVE-2007-1835

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path session.savepath, uses the TMPDIR default after checking the restrictions, which allows local users to bypass openbasedir restrictions...

4.6CVSS6.7AI score0.00138EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 5:57 a.m.•1 views

SUSE CVE-2010-3436

fopenwrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass openbasedir restrictions via vectors related to the length of a filename...

5CVSS7.1AI score0.03613EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:45 a.m.•3 views

SUSE CVE-2012-3365

The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the openbasedir protection mechanism via unspecified vectors...

5CVSS7.1AI score0.00917EPSS

Exploits1References7

Rosalinux•added 2021/07/02 5:57 p.m.•66 views

Advisory ROSA-SA-2021-1950

Software: php 5.4.16 OS: Cobalt 7.9 CVE-ID: CVE-2011-4718 CVE-Crit: MEDIUM CVE-DESC: A session commit vulnerability in the session subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID. CVE-STATUS: Default CVE-REV: Default CVE-ID: CVE-2011-4718...

7.5CVSS9.4AI score0.37602EPSS

Exploits11

OpenVAS•added 2021/06/09 12:0 a.m.•16 views

SUSE: Security Advisory (SUSE-SU-2012:1034-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.6AI score0.32676EPSS

Exploits2References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by