Lucene search
K

135 matches found

Mageia
Mageia
added 2019/01/18 10:19 p.m.10 views

Updated php packages fix security vulnerabilities

Several buffer overflows in the components GD, MBString, Phar and XMLRPC were discovered and fixed...

2.7AI score
Exploits0References13
OSV
OSV
added 2019/01/18 10:19 p.m.3 views

MGASA-2019-0042 Updated php packages fix security vulnerabilities

Several buffer overflows in the components GD, MBString, Phar and XMLRPC were discovered and fixed...

7.4AI score
Exploits0References14
OSV
OSV
added 2018/12/20 8:17 p.m.10 views

MGASA-2018-0484 Updated php packages fix security vulnerability

Bypassing disabled exec functions in PHP via imapopen CVE-2018-19518...

8.5CVSS7.5AI score0.9523EPSS
Exploits6References2
OSV
OSV
added 2018/09/21 4:26 p.m.20 views

MGASA-2018-0390 Updated php packages fix security vulnerability

Int Overflow lead to Heap OverFlow in exifthumbnailextract of exif.c CVE-2018-14883 - heap-buffer-overflow READ of size 48 while reading exif data CVE-2018-14851 - XSS due to the header Transfer-Encoding: chunked...

7.5CVSS6.2AI score0.08975EPSS
Exploits1References4
Slackware Linux
Slackware Linux
added 2018/09/15 12:54 a.m.51 views

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/php-5.6.38-i586-1slack14.2.txz: Upgraded. One security bug has been fixed in this release: Apache2: XSS due to the header...

6.4AI score
Exploits0
OSV
OSV
added 2018/05/04 5:29 p.m.18 views

MGASA-2018-0222 Updated php packages fix security vulnerabilities

Heap Buffer Overflow READ: 1786 in exifiifaddvalue CVE-2018-10549 - Stream filter convert.iconv leads to infinite loop on invalid sequence CVE-2018-10546 - Malicious LDAP-Server Response causes Crash. CVE-2018-10548 - incomplete PHAR Fix CVE-2018-10547...

8.8CVSS6.9AI score0.10564EPSS
Exploits0References2
Mageia
Mageia
added 2018/04/03 6:48 p.m.16 views

Updated php packages fix security vulnerability

Dumpable FPM child processes allow bypassing opcache access controls php75605...

3.2AI score
Exploits0References2
OSV
OSV
added 2018/04/03 6:48 p.m.5 views

MGASA-2018-0191 Updated php packages fix security vulnerability

Dumpable FPM child processes allow bypassing opcache access controls php75605...

7.2AI score
Exploits0References3
Mageia
Mageia
added 2018/03/14 4:21 p.m.68 views

Updated php packages fix CVE-2018-7584

Updated php packages fix security vulnerability: Update to php 5.6.34 fixes a stack-buffer-overflow while parsing HTTP response. CVE-2018-7584...

9.8CVSS1.6AI score0.87883EPSS
Exploits3References2
OSV
OSV
added 2018/01/14 4:54 p.m.4 views

MGASA-2018-0081 Updated php & libgd packages fix security vulnerabilities

Potential infinite loop in gdImageCreateFromGifCtx php75571 Reflected XSS in .phar 404 page php74782...

6.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/12/01 12:0 a.m.35 views

EulerOS 2.0 SP1 : php (EulerOS-SA-2017-1301)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A null pointer dereference flaw was found in libgd. An attacker could use a specially-crafted .gd2 file to cause an application linked with libgd t...

7.8CVSS7.4AI score0.03736EPSS
Exploits0References3
Mageia
Mageia
added 2017/11/16 8:36 a.m.20 views

Updated php packages fix security vulnerabilities

Updated php packages fix security vulnerabilities: Out-Of-Bounds Read in timelibmeridian in the Date module php75055. Arcfour encryption stream filter crashes php-mcrypt php72535...

1.3AI score
Exploits0References2
OSV
OSV
added 2017/11/16 8:36 a.m.2 views

MGASA-2017-0412 Updated php packages fix security vulnerabilities

Updated php packages fix security vulnerabilities: Out-Of-Bounds Read in timelibmeridian in the Date module php75055. Arcfour encryption stream filter crashes php-mcrypt php72535...

7.2AI score
Exploits0References3
OSV
OSV
added 2017/02/04 6:41 p.m.20 views

MGASA-2017-0040 Updated php packages fix security vulnerabilities

Floating-point exception in php-exif when parsing a tag format CVE-2016-10158. Crash in php-phar while loading hostile phar archive CVE-2016-10159. Memory corruption in php-phar when loading hostile phar CVE-2016-10160. Heap out of bounds read on unserialize in finishnesteddata CVE-2016-10161...

9.8CVSS8.6AI score0.13314EPSS
Exploits0References3
OSV
OSV
added 2016/12/22 9:41 p.m.17 views

MGASA-2016-0422 Updated php packages fix security vulnerability

NULL Pointer Dereference in WDDX Packet Deserialization with PDORow in PHP before 5.6.28 CVE-2016-9934. Invalid read when wddx decodes empty boolean element in PHP before 5.6.29 CVE-2016-9935...

9.8CVSS8.5AI score0.07031EPSS
Exploits0References4
Mageia
Mageia
added 2016/12/22 9:41 p.m.48 views

Updated php packages fix security vulnerability

NULL Pointer Dereference in WDDX Packet Deserialization with PDORow in PHP before 5.6.28 CVE-2016-9934. Invalid read when wddx decodes empty boolean element in PHP before 5.6.29 CVE-2016-9935...

9.8CVSS2.9AI score0.07031EPSS
Exploits0References3
OSV
OSV
added 2016/09/25 3:45 p.m.20 views

MGASA-2016-0319 Updated php packages fix security vulnerabilities

Memory Corruption in During Deserialized-object Destruction CVE-2016-7411. Heap overflow in mysqlnd related to BIT fields CVE-2016-7412. wddxdeserialize use-after-free CVE-2016-7413. Out of bound when verify signature of zip phar in pharparsezipfile CVE-2016-7414. Missing locale length check in...

9.8CVSS8.9AI score0.11402EPSS
Exploits7References11
Mageia
Mageia
added 2016/09/25 3:45 p.m.71 views

Updated php packages fix security vulnerabilities

Memory Corruption in During Deserialized-object Destruction CVE-2016-7411. Heap overflow in mysqlnd related to BIT fields CVE-2016-7412. wddxdeserialize use-after-free CVE-2016-7413. Out of bound when verify signature of zip phar in pharparsezipfile CVE-2016-7414. Missing locale length check in...

9.8CVSS2.6AI score0.11402EPSS
Exploits7References10
OSV
OSV
added 2016/08/31 3:32 p.m.4 views

MGASA-2016-0293 Updated php packages fix security vulnerability

The php package has been updated to version 5.6.25, which fixes several security issues and other bugs. See the upstream ChangeLog for more details...

7.2AI score
Exploits0References3
OSV
OSV
added 2016/07/05 3:47 p.m.21 views

MGASA-2016-0238 Updated php packages fix security vulnerability

php-mbstring phpmbregexeregreplaceexec - double free CVE-2016-5768. php-mcrypt heap Overflow due to integer overflows CVE-2016-5769. php-SPL int/sizet confusion in SplFileObject::fread CVE-2016-5770. php-SPL Use After Free Vulnerability in PHP's GC algorithm and unserialize CVE-2016-5771. php-WDD...

9.8CVSS8.9AI score0.15484EPSS
Exploits9References3
Rows per page
Query Builder