18 matches found
RockyLinux 9 : php:8.3 (RLSA-2026:22142)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22142 advisory. PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting...
Linux Distros Unpatched Vulnerability : CVE-2016-7132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service NULL pointer dereference and application crash o...
Linux Distros Unpatched Vulnerability : CVE-2016-10162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The phpwddxpopelement function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service NULL...
Linux Distros Unpatched Vulnerability : CVE-2016-4542
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The exifprocessIFDTAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments...
Linux Distros Unpatched Vulnerability : CVE-2016-6294
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The localeacceptfromhttp function in ext/intl/locale/localemethods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict...
Linux Distros Unpatched Vulnerability : CVE-2016-6288
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The phpurlparseex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service buffer over-read or possibly have...
Linux Distros Unpatched Vulnerability : CVE-2016-7418
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid point...
Linux Distros Unpatched Vulnerability : CVE-2015-7803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The phargetentrydata function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service NULL pointer...
Linux Distros Unpatched Vulnerability : CVE-2017-11362
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformatparse.c does not restrict the locale length, which allows remote attackers to cause...
Linux Distros Unpatched Vulnerability : CVE-2015-8873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack consumption vulnerability in Zend/zendexceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a...
Linux Distros Unpatched Vulnerability : CVE-2016-9138
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during wakeup processing, which allows remote attackers to cause a denial of service ...
CVE-2016-7416
ext/intl/msgformat/msgformatformat.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via ...
CVE-2016-4537
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call...
CVE-2007-6039
PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service application crash via a long string in 1 the domain parameter to the dgettext function, the message parameter to the 2 dcgettext or 3 gettext function, the msgid1 parameter to the 4 dngettext or 5 ngettext...
CVE-2014-0237
The cdfunpacksummaryinfo function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service performance degradation by triggering many fileprintf calls...
CVE-2007-6039
PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service application crash via a long string in 1 the domain parameter to the dgettext function, the message parameter to the 2 dcgettext or 3 gettext function, the msgid1 parameter to the 4 dngettext or 5 ngettext...
JVN#29273468 QRcode Perl CGI & PHP script vulnerable to denial of service attack
Impact A remote attacker may cause a denial of service DoS attack. Solution Products Affected QRcode Perl/CGI & PHP script ver. 0.50f and earlier including both Perl versions and PHP versions...
PHP Interpreter 3.0.x4.0.x4.14.2 - Direct Invocation Denial of Service
PHP Interpreter 3.0.x4.0.x4.14.2 - Direct Invocation Denial of Service // source: https://www.securityfocus.com/bid/5280/info It is possible, under some circumstances, for remote attackers to invoke the PHP interpreter from the web. If the interpreter is invoked with no command line options, it...