CVE-2023-0568 affecting package php for versions less than 8.2.3-1

CVE-2023-0568 affecting package php for versions less than 8.2.3-1. A patched version of the package is available...

CVE-2023-3823 affecting package php for versions less than 8.2.8-1

CVE-2023-3823 affecting package php for versions less than 8.2.8-1. A patched version of the package is available...

Mageia: Security Advisory (MGASA-2025-0203)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] php

New php packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/php81/php81-8.1.33-i586-1slack15.0.txz: Upgraded. This update fixes security issues: PGSQL: Fixed pgsql extension does not check for errors during...

CVE-2022-45307

Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\tools\php81 and all files located in that folder...

Oracle Linux 9 : php (ELSA-2025-7431)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7431 advisory. - Fix libxml streams use wrong content-type header when requesting a redirected resource CVE-2025-1219 - Fix Stream HTTP wrapper header check might omi...

RHEL 9 : php (RHSA-2025:7315)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7315 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to...

CVE-2025-1734 affecting package php for versions less than 8.3.19-1

CVE-2025-1734 affecting package php for versions less than 8.3.19-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-1861 affecting package php for versions less than 8.1.32-1

CVE-2025-1861 affecting package php for versions less than 8.1.32-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-1734 affecting package php for versions less than 8.1.32-1

CVE-2025-1734 affecting package php for versions less than 8.1.32-1. An upgraded version of the package is available that resolves this issue...

OESA-2025-1304 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

Mageia: Security Advisory (MGASA-2025-0100)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2025-073-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2025:14895-1 php8-8.3.19-1.1 on GA media

These are all security issues fixed in the php8-8.3.19-1.1 package on the GA media of openSUSE Tumbleweed...

Linux Distros Unpatched Vulnerability : CVE-2019-9021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading...

Linux Distros Unpatched Vulnerability : CVE-2016-4540

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The graphemestripos function in ext/intl/grapheme/graphemestring.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to...

Linux Distros Unpatched Vulnerability : CVE-2016-7480

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SplObjectStorage unserialize implementation in ext/spl/splobserver.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote...

Linux Distros Unpatched Vulnerability : CVE-2016-7130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The phpwddxpopelement function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service NULL pointer...

Linux Distros Unpatched Vulnerability : CVE-2015-7804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Off-by-one error in the pharparsezipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of...

Linux Distros Unpatched Vulnerability : CVE-2011-1153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple format string vulnerabilities in pharobject.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive...