Lucene search
K

135 matches found

OSV
OSV
added 2021/07/04 2:13 a.m.9 views

MGASA-2021-0312 Updated php packages fix security vulnerabilities

Updated PHP packages fix security vulnerabilities: - Fixed bug 81122: SSRF bypass in FILTERVALIDATEURL. CVE-2021-21705 PDOFirebird: - Fixed bug 76448: Stack buffer overflow in firebirdinfocb. CVE-2021-21704 - Fixed bug 76449: SIGSEGV in firebirdhandledoer. CVE-2021-21704 - Fixed bug 76450: SIGSEG...

5.9CVSS6.2AI score0.01945EPSS
Exploits2References3
OSV
OSV
added 2021/02/08 5:58 p.m.5 views

MGASA-2021-0076 Updated php packages fix a security vulnerability

The php packages are updated to version 7.3.27 to fix a Null Dereference in SoapClient SOAP. CVE-2021-21702. Note also php packages version 7.4.15-1.mga7 are available in backports/updates...

7.5CVSS7.4AI score0.03179EPSS
Exploits0References3
OSV
OSV
added 2021/01/14 3:13 p.m.6 views

MGASA-2021-0025 Updated php packages fix security vulnerability

FILTERVALIDATEURL accepts URLs with invalid userinfo CVE-2020-7071. streamgetcontents fails with maxlength=-1 or default. See upstream releasenotes for other changes...

5.3CVSS6.3AI score0.02983EPSS
Exploits1References3
Mageia
Mageia
added 2021/01/14 3:13 p.m.40 views

Updated php packages fix security vulnerability

FILTERVALIDATEURL accepts URLs with invalid userinfo CVE-2020-7071. streamgetcontents fails with maxlength=-1 or default. See upstream releasenotes for other changes...

5.3CVSS1.8AI score0.02983EPSS
Exploits1References2
OSV
OSV
added 2020/05/27 6:17 p.m.6 views

MGASA-2020-0236 Updated php packages fix security vulnerability

Updated php packages fix security vulnerabilities: - Fixed bug 78875 Long filenames cause OOM and temp files are not cleaned. 1 - Fixed bug 78876 Long variables in multipart/form-data cause OOM and temp files are not cleaned. 2 - Fixed bug 79441 Segfault in mbchr if internal encoding is...

5.3CVSS6AI score0.06264EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2020/05/26 12:0 a.m.243 views

EulerOS 2.0 SP8 : php (EulerOS-SA-2020-1586)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while parsing EXIF data with exifreaddata function, it is possible fo...

6.5CVSS7AI score0.04295EPSS
Exploits2References3
OSV
OSV
added 2020/04/20 2:2 p.m.15 views

MGASA-2020-0178 Updated php packages fix security vulnerability

Updated php packages fix security vulnerabilities: - OOB Read in urldecode CVE-2020-7067 - Integer Overflow in shmopopen Noteable changes: - Opcache chokes and uses 100% CPU on specific script - curlcopyhandle memory leak - ZipArchive::open fails on empty file...

7.5CVSS7.6AI score0.04311EPSS
Exploits1References3
Mageia
Mageia
added 2020/04/01 1:56 a.m.68 views

Updated php packages fix security vulnerability

Critical bugs closed: - Use-of-uninitialized-value in exif 1 - mbstrtolower UTF-32LE: stack-buffer-overflow at phpunicodetolowerfull 2 - getheaders silently truncates after a null byte 3 Some more bugs closed, as: - Memory corruption in pregreplace/pregreplacecallback and unicode -...

8.8CVSS2.6AI score0.04764EPSS
Exploits3References2
OSV
OSV
added 2020/04/01 1:56 a.m.12 views

MGASA-2020-0148 Updated php packages fix security vulnerability

Critical bugs closed: - Use-of-uninitialized-value in exif 1 - mbstrtolower UTF-32LE: stack-buffer-overflow at phpunicodetolowerfull 2 - getheaders silently truncates after a null byte 3 Some more bugs closed, as: - Memory corruption in pregreplace/pregreplacecallback and unicode -...

8.8CVSS6.6AI score0.04764EPSS
Exploits3References3
OSV
OSV
added 2020/03/06 4:13 p.m.17 views

MGASA-2020-0119 Updated php packages fix bugs and security vulnerabilities

Updated php packages fix bugs and security vulnerabilities: Core: - Fixed bug 71876 Memory corruption htmlspecialchars: charset ' not supported. - Fixed bug 79146 cscript can fail to run on some systems. - Fixed bug 78323 Code 0 is returned on invalid options. - Fixed bug 76047 Use-after-free whe...

9.1CVSS7.1AI score0.03976EPSS
Exploits3References3
Mageia
Mageia
added 2020/03/06 4:13 p.m.78 views

Updated php packages fix bugs and security vulnerabilities

Updated php packages fix bugs and security vulnerabilities: Core: - Fixed bug 71876 Memory corruption htmlspecialchars: charset ' not supported. - Fixed bug 79146 cscript can fail to run on some systems. - Fixed bug 78323 Code 0 is returned on invalid options. - Fixed bug 76047 Use-after-free...

9.1CVSS8.3AI score0.03976EPSS
Exploits3References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/03/02 12:0 a.m.112 views

Security update for cacti, cacti-spine (important)

openSUSE Security Update: Security update for cacti, cacti-spine Announcement ID: openSUSE-SU-2020:0284-1 Rating: important References: 1082318 1101024 1101139 1122242 1122243 1122244 1122245 1122535 1158990 1158992 1161297 1163749 Cross-References: CVE-2009-4112 CVE-2018-20723 CVE-2018-20724...

9CVSS8AI score0.36824EPSS
Exploits9References12
OSV
OSV
added 2020/03/01 5:12 p.m.5 views

OPENSUSE-SU-2020:0272-1 Security update for cacti, cacti-spine

This update for cacti, cacti-spine fixes the following issues: cacti-spine was updated to version 1.2.9. Security issues fixed: - CVE-2009-4112: Fixed a privilege escalation bsc1122535. - CVE-2018-20723: Fixed a cross-site scripting XSS vulnerability bsc1122245. - CVE-2018-20724: Fixed a cross-si...

9CVSS7.2AI score0.36824EPSS
Exploits9References23
OSV
OSV
added 2020/01/28 11:32 a.m.19 views

MGASA-2020-0066 Updated php packages fix security vulnerabilities

Updated php packages fix security vulnerabilities: Two buffer overflows in string and mbstring handling have been found CVE-2020-7059, CVE-2020-7060. Other security fixes have been applied: - Session: Fixed bug 79091 heap use-after-free in sessioncreateid. - Date: Fixed bug 79015 undefined-behavi...

9.1CVSS9.5AI score0.08888EPSS
Exploits2References3
OSV
OSV
added 2019/12/25 7:8 p.m.13 views

MGASA-2019-0412 Updated php packages fix security vulnerabilities

Updated php packages fix security vulnerabilities: DirectoryIterator class silently truncates after a null byte CVE-2019-11045. Buffer underflow in bcshiftaddsub. CVE-2019-11046 Heap-buffer-overflow READ in exif. CVE-2019-11047 mail may release string with refcount==1 twice. CVE-2019-11049...

9.8CVSS7.2AI score0.08818EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2019/09/17 12:0 a.m.54 views

EulerOS 2.0 SP2 : php (EulerOS-SA-2019-1865)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds write flaw was found in the fpmlogwrite logging function of PHP's FastCGI Process Manager service. A remote attacker could...

9.8CVSS8.6AI score0.15484EPSS
Exploits16References15
OSV
OSV
added 2019/09/06 9:9 p.m.15 views

MGASA-2019-0253 Updated php packages fix security vulnerabilities

Updated php packages fix security vulnerabilities: A use-after-free in onignewdeluxe in regext.c in the bundled Oniguruma allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression CVE-2019-13224. A NULL...

9.8CVSS8.5AI score0.04047EPSS
Exploits0References3
OSV
OSV
added 2019/08/10 12:12 a.m.8 views

MGASA-2019-0218 Updated php packages fix security vulnerabilities

Updated php packages fixes at least the following security issues: When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause ...

7.1CVSS7.6AI score0.0442EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2019/04/04 12:0 a.m.48 views

EulerOS Virtualization 2.5.3 : php (EulerOS-SA-2019-1265)

According to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the...

9.8CVSS7.2AI score0.10059EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.58 views

EulerOS 2.0 SP5 : php (EulerOS-SA-2019-1146)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an...

9.8CVSS7.2AI score0.10059EPSS
Exploits5References6
Rows per page
Query Builder