Amazon Linux 2023 : php8.2, php8.2-bcmath, php8.2-cli (ALAS2023-2025-1354)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1354 advisory. NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfcDEBIANBUG: 1123574 CVE-2025-1417...

Mageia: Security Advisory (MGASA-2024-0375)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : php72 (ALAS-2024-1921)

The version of php72 installed on the remote host is prior to 7.2.26-1.19. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1921 advisory. 2024-02-28: CVE-2019-11045 was added to this advisory. 2024-02-28: CVE-2019-11049 was added to this advisory. 2024-02-28:...

RHEL 9 : php (RHSA-2022:8197)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8197 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later...

CentOS 8 : php:8.0 (CESA-2022:7624)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7624 advisory. - php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 - php: Uninitialized array in pgqueryparams leading to RCE CVE-2022-31625...

Mageia: Security Advisory (MGASA-2018-0222)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2015-0258)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2015-0365)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2016-0159)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: php72, php73

Issue Overview: In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is...

Oracle: Security Advisory (ELSA-2015-1219)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Critical: php

Issue Overview: The asn1timetotimet function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse 1 notBefore and 2 notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of...

Amazon Linux AMI : php (ALAS-2012-116)

Unspecified vulnerability in the phpstreamscandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an 'overflow.' C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Oracle Linux 5 : php (ELSA-2009-0338)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-0338 advisory. - ext/gd: fix overflow2 usage for CVE-2007-3996, CVE-2008-3658 Tenable has extracted the preceding description block directly from the Oracle Linux...

RHEL 5 / 6 : php (RHSA-2012:0546)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0546 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processe...

Mandrake Security Advisory MDVSA-2009:285 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:285. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

Mandrake Security Advisory MDVSA-2009:167 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:167. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

Mandrake Security Advisory MDVSA-2009:145 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:145. OpenVAS Vulnerability Test $Id: mdksa2009145.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:145 php Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Mandrake Security Advisory MDVSA-2009:145 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:145. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

Mandrake Security Advisory MDVSA-2009:090 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:090. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...