SUSE: Security Advisory (SUSE-SU-2026:0245-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : php7 (SUSE-SU-2026:0245-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0245-1 advisory. Security fixes: - CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element count of packed arrays...

CVE-2022-50912 ImpressCMS 1.4.4 - Unrestricted File Upload

ImpressCMS 1.4.4 contains a file upload vulnerability with weak extension sanitization that allows attackers to upload potentially malicious files. Attackers can bypass file upload restrictions by using alternative file extensions .php2.php6.php7.phps.pht to execute arbitrary PHP code on the serv...

EUVD-2020-3009

Malware in sbrugna...

EUVD-2025-20158

Malicious code in bioql PyPI...

SUSE SLES15 / openSUSE 15 Security Update : php7 (SUSE-SU-2025:02473-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02473-1 advisory. - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not...

CVE-2025-7099

A vulnerability has been found in BoyunCMS up to 1.21 on PHP7 and classified as critical. Affected by this vulnerability is an unknown functionality of the file install/install2.php of the component Installation Handler. The manipulation of the argument dbhost leads to deserialization. The attack...

openSUSE Security Advisory (SUSE-SU-2025:1025-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : php7 (SUSE-SU-2025:1025-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1025-1 advisory. - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1217:...

SUSE SLES15 Security Update : php7 (SUSE-SU-2025:1026-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1026-1 advisory. - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1217: Fixed header...

SUSE-SU-2025:1026-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 - CVE-2025-1219: Fixed libxml streams using wrong...

SUSE-SU-2025:1025-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 - CVE-2025-1219: Fixed libxml streams using wrong...

php7.com.cn Cross Site Scripting vulnerability OBB-4034009

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SUSE SLES15 / openSUSE 15 Security Update : php7 (SUSE-SU-2024:4146-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4146-1 advisory. - CVE-2024-11233: Single byte overread with convert.quoted-printable-decode filter bsc1233702. - CVE-2024-11234:...

openSUSE Security Advisory (SUSE-SU-2024:4146-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:4146-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2024-11233: Single byte overread with convert.quoted-printable-decode filter bsc1233702. - CVE-2024-11234: Configuring a proxy in a stream context might allow for CRLF injection in URIs bsc1233703. - CVE-2024-8929: Leak partial content of the...

SUSE SLES15 / openSUSE 15 Security Update : php7 (SUSE-SU-2024:3733-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3733-1 advisory. - CVE-2024-8925: Fixed erroneous parsing of multipart form data in HTTP POST requests leads to legitimate data not...

openSUSE Security Advisory (SUSE-SU-2024:3733-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:3733-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2024-8925: Fixed erroneous parsing of multipart form data in HTTP POST requests leads to legitimate data not being processed bsc1231360 - CVE-2024-8927: Fixed cgi.forceredirect configuration is bypassable due to an environment variable...

SUSE SLES15 Security Update : php7 (SUSE-SU-2024:2037-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2037-1 advisory. - CVE-2024-2756: Fixed bypass of security fix applied for CVE-2022-31629 that lead PHP to consider not secure cookies as secure...