[R2] Stand-alone Security Patches Available for Tenable Security Center versions 6.5.1, 6.6.0 and 6.7.2: SC-202602.1 + SC-202602.2

R2 Stand-alone Security Patches Available for Tenable Security Center versions 6.5.1, 6.6.0 and 6.7.2: SC-202602.1 + SC-202602.2 Arnie Cabral Tue, 02/17/2026 - 08:32 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components...

[R1] Stand-alone Security Patches Available for Tenable Security Center versions 6.4.x, 6.5.1 and 6.6.0: SC-202508.1

R1 Stand-alone Security Patches Available for Tenable Security Center versions 6.4.x, 6.5.1 and 6.6.0: SC-202508.1 Arnie Cabral Thu, 08/28/2025 - 11:18 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components Apache, PHP, sqlit...

CVE-2025-1736 affecting package php for versions less than 8.1.32-1

CVE-2025-1736 affecting package php for versions less than 8.1.32-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-1217 affecting package php for versions less than 8.3.19-1

CVE-2025-1217 affecting package php for versions less than 8.3.19-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-8929 affecting package php for versions less than 8.3.14-1

CVE-2024-8929 affecting package php for versions less than 8.3.14-1. An upgraded version of the package is available that resolves this issue...

[R2] Security Center Version 6.5.0 Fixes Multiple Vulnerabilities

R2 Security Center Version 6.5.0 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 12/05/2024 - 09:54 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components OpenSSL, PHP, Apache Portable Runtime were found to contain...

Moderate: php security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0.20. BZ2095752 Security Fixes: php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php: Uninitialized array in...

[ASA-202107-16] php7: multiple issues

Arch Linux Security Advisory ASA-202107-16 ========================================== Severity: Medium Date : 2021-07-06 CVE-ID : CVE-2021-21704 CVE-2021-21705 Package : php7 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2133 Summary ======= The package php7 before...

[ASA-202102-14] php7: denial of service

Arch Linux Security Advisory ASA-202102-14 ========================================== Severity: Medium Date : 2021-02-06 CVE-ID : CVE-2021-21702 Package : php7 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1532 Summary ======= The package php7 before version...

Command Execution Vulnerability in Tplay Backend

Tplay is a backend management framework based on ThinkPHP 5.0.13 + layui2.2.45 + Mysql development, PHP version required to upgrade to 5.5. A command execution vulnerability exists in Tplay backend. An attacker can exploit this vulnerability to gain server privileges...

Joomla Object Injection

Added: 10/24/2019 Background Joomla is a content management system written in PHP. Problem An object injection vulnerability in Joomla could allow a remote, unauthenticated attacker to execute arbitrary commands on the server. This vulnerability has been nicknamed "Rusty Joomla". Resolution Upgra...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Cross-Site Scripting (XSS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...

Sensitive Information Disclosure

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

Use-After-Free

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution

Exploit Title: Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE Date: 2018-04-08 Exploit Author: Graeme Robinson Contact: @Grasec Vendor Homepage: http://simple-fields.com Software Link: https://downloads.wordpress.org/plugin/simple-fields.0.3.5.zip Version: 0.2 - 0.3.5 Tested on: Ubuntu 16.04.4 + PHP 5.3.0...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/php-5.6.32-i586-1slack14.2.txz: Upgraded. Several security bugs were fixed in this release: Out of bounds read in...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.6.19-i486-1slack14.1.txz: Upgraded. This release fixes bugs and security issues. For more information, see:...

Drupal Update Fixes 10 Vulnerabilities, One Critical

Developers at Drupal addressed 10 vulnerabilities in the content management system this week, including a critical access bypass issue that could have let users access certain elements thought to be blocked, and another issue that could lead to remote code execution. Through the critical access...