Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1224)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

Null Pointer Dereference

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

Out-Of-Bounds Read

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

Fedora 29 : php (2018-7ebfe1e6f2)

PHP version 7.2.13 06 Dec 2018 ftp: - Fixed bug php77151 ftpclose: SSLread on shutdown. Remi CLI: - Fixed bug php77111 php-win.exe corrupts unicode symbols from cli parameters. Anatol Fileinfo: - Fixed bug php77095 slowness regression in 7.2/7.3 compared to 7.1. Anatol iconv: - Fixed bug php77147...

Fedora 28 : php (2018-9438795217)

PHP version 7.2.8 19 Jul 2018 Core: - Fixed bug php76534 PHP hangs on 'illegal string offset on string references with an error handler. Laruence - Fixed bug php76520 Object creation leaks memory when executed over HTTP. Nikita - Fixed bug php76502 Chain of mixed exceptions and errors does not...

Fedora 28 : php (2018-dfe1f0bac6)

PHP version 7.2.13 06 Dec 2018 ftp: - Fixed bug php77151 ftpclose: SSLread on shutdown. Remi CLI: - Fixed bug php77111 php-win.exe corrupts unicode symbols from cli parameters. Anatol Fileinfo: - Fixed bug php77095 slowness regression in 7.2/7.3 compared to 7.1. Anatol iconv: - Fixed bug php77147...

Fedora 26 : php (2018-e8bc8d2784)

PHP version 7.1.15 01 Mar 2018 Apache2Handler: - Fixed bug php75882 a simple way for segfaults in threadsafe php just with configuration. Anatol Date: - Fixed bug php75857 Timezone gets truncated when formatted. carusogabriel - Fixed bug php75928 Argument 2 for DateTimeZone::listIdentifiers shoul...

Fedora 27 : php (2018-a89ccf7133)

PHP version 7.1.15 01 Mar 2018 Apache2Handler: - Fixed bug php75882 a simple way for segfaults in threadsafe php just with configuration. Anatol Date: - Fixed bug php75857 Timezone gets truncated when formatted. carusogabriel - Fixed bug php75928 Argument 2 for DateTimeZone::listIdentifiers shoul...

Internet Bug Bounty: Heap overflow due to integer overflow in pg_escape_string() function

The fix for this bug has been committed: https://bugs.php.net/bug.php?id=73399 Description: ------------ I have found some vulnerable code at pgescapestring function in module PostgreSQL. pgescapestring function creates a new zendstring object to store escaped string. The size of destination stri...

PHP 'pgsql_statement.c' Denial of Service Vulnerability

PHP is an open source general-purpose computer scripting language. PHP 'pgsqlstatement.c' has a denial of service vulnerability that allows attackers to cause a denial of service by exploiting this vulnerability...

CVE-2007-3279

PostgreSQL 8.1 and probably later versions, when the PL/pgSQL plpgsql language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions, as demonstrated by functions that perform local brute-force password guessing...

CVE-2015-7766

PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and earlier allows remote administrators to bypass SQL query restrictions via a comment in the query to api/json/admin/SubmitQuery, as demonstrated by "INSERT//INTO."...

Authentication flaw

PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and earlier allows remote administrators to bypass SQL query restrictions via a comment in the query to api/json/admin/SubmitQuery, as demonstrated by "INSERT//INTO."...

CVE-2015-7766

CVE-2015-7766 affects Zoho ManageEngine OpManager 11.6, 11.5 and earlier. The issue in PGSQL:SubmitQuery.do lets remote admins bypass SQL query restrictions by inserting a comment into requests to api/json/admin/SubmitQuery (e.g., "INSERT/**/INTO"). Public references describe this as a SQL query ...

CVE-2015-7766

PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and earlier allows remote administrators to bypass SQL query restrictions via a comment in the query to api/json/admin/SubmitQuery, as demonstrated by "INSERT//INTO."...

Amazon Linux: Security Advisory (ALAS-2015-510)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FireFox file stealing 0day vulnerability has been hacked“real”use, the official emergency release to fix patch-bug warning-the black bar safety net

In Russia a web site, the researchers found a Firefox serious 0day exploits program Exp code, you can steal Windows and Linux users on the computer file. This security event is forcing Mozilla to the official emergency release patch. Vulnerability description The vulnerability is caused by the...

Moderate: Red Hat Security Advisory: php55 security and bug fix update

Updated php55 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Amazon Linux AMI : php56 (ALAS-2015-511)

A use-after-free flaw was found in PHP's OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory. CVE-2015-1351 A NULL pointer dereference flaw was found in PHP's pgsql extension. A specially crafted table name passed to function as pginsert or pgselect could...