Lucene search
K

129 matches found

OSV
OSV
added 2023/02/27 1:30 p.m.10 views

SUSE-SU-2023:0527-1 Security update for php8

This update for php8 fixes the following issues: php8 was updated to version 8.0.28: - CVE-2023-0568: Fixed NULL byte off-by-one in phpcheckspecificopenbasedir bnc1208366. - CVE-2023-0662: Fixed DoS vulnerability when parsing multipart request body bnc1208367...

8.1CVSS8.4AI score0.01408EPSS
Exploits1References5
OSV
OSV
added 2022/12/15 12:0 a.m.43 views

DLA-3243-1 php7.3 - security update

Bulletin has no description...

9.8CVSS7.8AI score0.5838EPSS
Exploits7
Oracle linux
Oracle linux
added 2022/08/04 12:0 a.m.48 views

php security update

8.0.13-2 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626...

8.8CVSS3.5AI score0.5838EPSS
Exploits2
Mageia
Mageia
added 2022/03/02 4:52 p.m.21 views

Updated php packages fix security vulnerability

Security update for php. See changelog for details...

1.4AI score
Exploits0References2
OSV
OSV
added 2021/08/06 9:58 a.m.9 views

SUSE-SU-2021:2638-1 Security update for php72

This update for php72 fixes the following issues: - CVE-2021-21704: Fixed security issues in pdofirebase module bsc1188035...

5.9CVSS6.1AI score0.01724EPSS
Exploits1References3
OSV
OSV
added 2021/08/06 9:57 a.m.7 views

SUSE-SU-2021:2636-1 Security update for php74

This update for php74 fixes the following issues: - CVE-2021-21704: Fixed security issues in pdofirebase module bsc1188035. - CVE-2021-21705: Fixed SSRF bypass in FILTERVALIDATEURL bsc1188037...

5.9CVSS6AI score0.01945EPSS
Exploits2References5
OSV
OSV
added 2021/02/18 12:0 a.m.28 views

DLA-2564-1 php-horde-text-filter - security update

Bulletin has no description...

6.1CVSS6.1AI score0.04944EPSS
Exploits7
OSV
OSV
added 2020/09/03 10:12 a.m.4 views

SUSE-SU-2020:2477-1 Security update for php5

This update for php5 fixes the following issues: - CVE-2020-7068: Use of freed hash key in the pharparsezipfile function bsc1175223...

4.8CVSS5.4AI score0.01661EPSS
Exploits1References3
OSV
OSV
added 2020/02/28 8:28 a.m.22 views

SUSE-SU-2020:0522-1 Security update for php5

This update for php5 fixes the following issues: Security issues fixed: - CVE-2019-11041: Fixed heap buffer over-read in exifscanthumbnail bsc1146360. - CVE-2019-11042: Fixed heap buffer over-read in exifprocessusercomment bsc1145095. - CVE-2019-11043: Fixed possible remote code execution via...

9.8CVSS8.1AI score0.9947EPSS
Exploits62References20
Amazon
Amazon
added 2020/02/24 12:0 a.m.76 views

Medium: php73

Issue Overview: When using fgetss function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash...

9.1CVSS7.5AI score0.08888EPSS
Exploits2
Oracle linux
Oracle linux
added 2019/11/23 12:0 a.m.176 views

php:7.2 security update

php 7.2.11-4 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043...

9.8CVSS2.4AI score0.9947EPSS
Exploits55
OSV
OSV
added 2019/04/05 11:32 a.m.22 views

SUSE-SU-2019:14013-1 Security update for php53

This update for php53 fixes the following issues: Security issues fixed: - CVE-2019-9637: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension bsc1128892. - CVE-2019-9675: Fixed improper implementation of rename function and multiple invalid memory...

9.8CVSS8.5AI score0.10059EPSS
Exploits10References23
OSV
OSV
added 2019/03/08 12:0 a.m.46 views

DSA-4403-1 php7.0 - security update

Bulletin has no description...

9.8CVSS7.7AI score0.09395EPSS
Exploits5
OSV
OSV
added 2018/12/10 12:0 a.m.53 views

DSA-4353-1 php7.0 - security update

Bulletin has no description...

8.5CVSS7AI score0.9523EPSS
Exploits9
OSV
OSV
added 2018/09/10 1:51 p.m.18 views

SUSE-SU-2018:2681-1 Security update for php53

This update for php53 fixes the following issues: The following security issues were fixed: - CVE-2018-14851: Fixed an out-of-bound read in exifprocessIFDinMAKERNOTE, which could be exploited by an attacker via crafted JPG files, and could result in an application crash. bsc1103659 -...

7.5CVSS6.9AI score0.08975EPSS
Exploits2References7
OSV
OSV
added 2018/01/14 4:54 p.m.4 views

MGASA-2018-0085 Updated php & libgd packages fix security vulnerabilities

Potential infinite loop in gdImageCreateFromGifCtx php75571. Reflected XSS in .phar 404 page php74782...

6.2AI score
Exploits0References3
OSV
OSV
added 2017/01/04 10:43 a.m.17 views

SUSE-SU-2017:0017-1 Security update for php7

This update for php7 fixes the following issues: CVE-2016-9933 Possible stack overflow on truecolor images handling bsc1015187 CVE-2016-9934 Dereference from NULL pointer could lead to crash bsc1015188 CVE-2016-9935 Invalid read could lead to crash bsc1015189 CVE-2016-9936 Use After free in the...

9.8CVSS8.8AI score0.07031EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2016/12/20 12:0 a.m.72 views

Debian DLA-749-1 : php5 security update (httpoxy)

CVE-2016-5385 PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an application's...

9.8CVSS7.6AI score0.50427EPSS
Exploits14References16
Oracle linux
Oracle linux
added 2016/11/09 12:0 a.m.126 views

php security and bug fix update

5.4.16-42 - bz2: fix improper error handling in bzread CVE-2016-5399 5.4.16-41 - gd: fix integer overflow in gd2GetHeader resulting in heap overflow CVE-2016-5766 - gd: fix integer overflow in gdImagePaletteToTrueColor resulting in heap overflow CVE-2016-5767 - mbstring: fix double free in...

9.8CVSS1AI score0.50427EPSS
Exploits7
OSV
OSV
added 2016/10/07 3:15 p.m.18 views

SUSE-SU-2016:2477-2 Security update for php5

This update for php5 fixes the following security issues: CVE-2016-7411: php5: Memory corruption when destructing deserialized object CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNEDFLAG in BIT field CVE-2016-7413: Use after free in wddxdeserialize CVE-2016-7414: Out of bounds...

9.8CVSS9.5AI score0.11402EPSS
Exploits7References15
Rows per page
Query Builder