Lucene search
K

292 matches found

Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.10 views

Fedora 37 : php-pear-CAS (2022-d6c6782130)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-d6c6782130 advisory. Changes in version 1.6.0 Bug Fixes: Introduce required servicename constructor argument to fix service hostname discovery exploitation vulnerability...

8CVSS7.5AI score0.01064EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.22 views

CentOS 7 : php-pear (RHSA-2022:7340)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7340 advisory. - ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. CVE-2020-28948 - ArchiveTar through...

7.8CVSS7.6AI score0.84554EPSS
Exploits5References4
OSV
OSV
added 2024/09/16 8:59 a.m.16 views

RHSA-2022:7340 Red Hat Security Advisory: php-pear security update

Bulletin has no description...

7.8CVSS7.7AI score0.84554EPSS
Exploits5References16
OSV
OSV
added 2024/09/15 7:22 p.m.14 views

RHSA-2011:1741 Red Hat Security Advisory: php-pear security and bug fix update

Bulletin has no description...

3.3CVSS9.3AI score0.00492EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/07/16 12:0 a.m.44 views

RHEL 8 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ArchiveTar: improper filename sanitization leads to file overwrites CVE-2020-28949 - ArchiveTar through...

7.8CVSS7.8AI score0.84554EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.14 views

RHEL 8 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - php-pear: Unsafe deserialization of data in ArchiveTar class CVE-2018-1000888 Note that Nessus has not tested for...

8.8CVSS7.5AI score0.18286EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.17 views

RHEL 7 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php-pear: Unsafe deserialization of data in ArchiveTar class CVE-2018-1000888 - PECL in the download...

7.5CVSS7.7AI score0.18286EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.18 views

RHEL 6 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php-pear: Unsafe deserialization of data in ArchiveTar class CVE-2018-1000888 - PECL in the download...

7.5CVSS8.7AI score0.18286EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.22 views

RHEL 5 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - php-pear: File overwrite by malicious server CVE-2017-5630 Note that Nessus has not tested for this issue but has...

7.5CVSS7.3AI score0.12513EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.25 views

RHEL 7 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php-pear: File overwrite by malicious server CVE-2017-5630 - In ArchiveTar before 1.4.14, symlinks can...

8.2AI score0.73377EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.19 views

RHEL 6 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php-pear: File overwrite by malicious server CVE-2017-5630 - In ArchiveTar before 1.4.14, symlinks can...

8.2AI score0.73377EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.32 views

RHEL 5 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - php-pear: File overwrite by malicious server CVE-2017-5630 Note that Nessus has not tested for this issue but has...

7.5AI score0.12513EPSS
Exploits5References1
UbuntuCve
UbuntuCve
added 2024/04/29 4:15 a.m.50 views

CVE-2024-2757

In PHP 8.3. before 8.3.5, function mbencodemimeheader runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function...

7.5CVSS7.1AI score0.01924EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2024/04/16 12:0 a.m.31 views

CVE-2024-3096

In PHP version 8.1. before 8.1.28, 8.2. before 8.2.18, 8.3. before 8.3.5, if a password stored with passwordhash starts with a null byte \x00, testing a blank string as the password via passwordverify will incorrectly return true...

6.5CVSS6.4AI score0.0148EPSS
Exploits1References4
Oracle linux
Oracle linux
added 2023/10/23 12:0 a.m.80 views

php:8.0 security update

libzip php 8.0.30-1 - rebase to 8.0.30 - Resolves: RHEL-11946 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip...

7.5CVSS9.7AI score0.08003EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.40 views

Oracle Linux 6 : php-pear (ELSA-2011-1741)

The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2011-1741 advisory. 1.9.4-4 - fix patch application for 747361 1.9.4-3 - ignore REST cache creation failures as non-root user 747361 1.9.4-2 - fix XML-Util provides 1.9.4-1 - updat...

3.3CVSS5.5AI score0.00492EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2023/06/19 12:0 a.m.78 views

CVE-2023-3247

In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, 8.2. before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure ...

4.3CVSS6.3AI score0.00709EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/03/28 12:0 a.m.6 views

The vulnerability of the PHP PEAR class library lies in the insufficient elimination of special elements in queries, allowing attackers to compromise data integrity.

The vulnerability of the PHP PEAR class library is related to insufficient elimination of special elements in the request. Exploiting this vulnerability can allow an attacker to compromise data integrity...

7.8CVSS6.5AI score0.12513EPSS
Exploits5References5Affected Software3
Tenable Nessus
Tenable Nessus
added 2022/12/23 12:0 a.m.32 views

Fedora 35 : php-pear-CAS (2022-76b3530ac2)

The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-76b3530ac2 advisory. Changes in version 1.6.0 Bug Fixes: Introduce required servicename constructor argument to fix service hostname discovery exploitation vulnerability...

8CVSS7.5AI score0.01064EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/12/22 12:0 a.m.28 views

Fedora 36 : php-pear-CAS (2022-37c2d26f59)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-37c2d26f59 advisory. Changes in version 1.6.0 Bug Fixes: Introduce required servicename constructor argument to fix service hostname discovery exploitation vulnerability...

8CVSS7.5AI score0.01064EPSS
Exploits0References2
Rows per page
Query Builder