70 matches found
[SECURITY] [DLA 4586-1] php7.4 security update
Debian LTS Advisory DLA-4586-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 16, 2026 https://wiki.debian.org/LTS Package : php7.4 Version : 7.4.33-1+deb11u11 CVE ID : CVE-2026-6722 CVE-2026-6735 CVE-2026-7258 CVE-2026-7261 CVE-2026-7262 CVE-2026-7568 Debian...
Debian dla-4586 : libapache2-mod-php7.4 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4586 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4586-1 [email protected]...
PT-2026-39402
Name of the Vulnerable Software and Affected Versions Yii Framework versions prior to 2.0.55 Description Internal variables in the View::renderPhpFile and ErrorHandler::renderFile functions are not isolated, which can lead to parameter collisions that allow the overriding of included file paths...
Linux Distros Unpatched Vulnerability : CVE-2026-7568
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a...
Astra Linux - уязвимость в php7.3, php8.1
Due to an incomplete fix for CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p, network and same-site attackers can set an insecure cookie in the victim’s browser. This cookie is treated as a Host- or Secure-cookie by PHP applications...
RHSA-2026:4507 Red Hat Security Advisory: php:7.4 security update
Bulletin has no description...
TencentOS Server 3: php:7.4 (TSSA-2026:0172)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0172 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
RHEL 8 : php:7.4 (RHSA-2026:4517)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4517 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in arraymerge...
RHEL 8 : php:7.4 (RHSA-2026:4514)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4514 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in arraymerge...
Oracle Linux 8 : php:7.4 (ELSA-2026-2470)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2470 advisory. - Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234 - Fix Single byte overread with...
RockyLinux 8 : php:7.4 (RLSA-2026:2470)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2470 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-deco...
Moderate: Red Hat Security Advisory: php:7.4 security update
An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
openSUSE Security Advisory (SUSE-SU-2026:0245-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-4447-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 4447-1] php7.4 security update
Debian LTS Advisory DLA-4447-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin January 24, 2026 https://wiki.debian.org/LTS Package : php7.4 Version : 7.4.33-1+deb11u10 CVE ID : CVE-2025-14178 Debian Bug : 1123574 Multiple security issues were found in PHP, a...
DLA-4447-1 php7.4 - security update
Bulletin has no description...
Security update for php7
This update for php7 fixes the following issues: Security fixes: CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element count of packed arrays exceeds 32-bit limits or HTMAXSIZE bsc1255711. Other fixes: Add all php7 packages to PackageHUB unsupported, no source changes...
SUSE-SU-2026:0245-1 Security update for php7
This update for php7 fixes the following issues: Security fixes: - CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element count of packed arrays exceeds 32-bit limits or HTMAXSIZE bsc1255711. Other fixes: - Add all php7 packages to PackageHUB unsupported, no source...
MiracleLinux 8 : php:7.4 (AXSA:2024-9405:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9405:01 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing...
MiracleLinux 8 : php:7.4 (AXSA:2022-3752:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3752:01 advisory. php: password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 Tenable has extracted the preceding description block directly from...