openSUSE: Security Advisory for Recommended (openSUSE-SU-2021:3943-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2021:3943-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 : Recommended update for php7 (SUSE-SU-2021:3943-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3943-1 advisory. - In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon...

SUSE-SU-2021:3943-1 Recommended update for php7

This update for php7 fixes the following issues: - CVE-2021-21703: Fixed local privilege escalation via PHP-FPM bsc1192050. - CVE-2021-21707: Fixed special character breaks path in xml parsing bsc1193041. - Added patch to prevent memory access violation in php7 when running test suite bsc1175508...

Recommended update for php7 (moderate)

openSUSE Security Update: Recommended update for php7 Announcement ID: openSUSE-SU-2021:3943-1 Rating: moderate References: 1175508 1192050 1193041 Cross-References: CVE-2021-21703 CVE-2021-21707 CVSS scores: CVE-2021-21703 NVD : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-21703 SUSE:...

Security fix for the ALT Linux 9 package php7 version 7.3.33-alt1

7.3.33-alt1 built Nov. 29, 2021 Anton Farygin in task 289998 Nov. 18, 2021 Anton Farygin - 7.3.33 Fixes: CVE-2021-21707...

SQL Injection Vulnerability in DEDECMSV6 (CNVD-2021-95285)

The dedecmsv6 system is a PHP7.X-based development with strong scalability and is fully open source. dedecmsv6 has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

Security fix for the ALT Linux 9 package php7 version 7.3.32-alt1

7.3.32-alt1 built Oct. 30, 2021 Anton Farygin in task 285278 Oct. 28, 2021 Anton Farygin - 7.3.32 Fixes: CVE-2021-21703...

Security fix for the ALT Linux 9 package php7 version 7.3.31-alt1

7.3.31-alt1 built Sept. 30, 2021 Anton Farygin in task 285609 Sept. 21, 2021 Anton Farygin - 7.3.31 Fixes: CVE-2021-21706...

SUSE: Security Advisory (SUSE-SU-2021:3018-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Command Execution Vulnerability in DEDECMSV6 (CNVD-2021-75300)

DEDECMSV6 is based on PHP7.x development, scalable and fully open source.DEDECMSV6 has a command execution vulnerability, which can be exploited by attackers to gain control of the server...

DEDECMSV6 has a file upload vulnerability (CNVD-2021-75297)

DEDECMSV6 is based on PHP7.x development, is scalable and fully open source.DEDECMSV6 has a file upload vulnerability that can be exploited by attackers to gain control of the server...

DEDECMSV6 has a code execution vulnerability

DEDECMSV6 is based on PHP7.x development, is scalable and fully open source.DEDECMSV6 has a code execution vulnerability that can be exploited by attackers to gain control of the server...

Command Execution Vulnerability in DEDECMSV6 (CNVD-2021-75295)

DEDECMSV6 is based on PHP7.x development, scalable and fully open source.DEDECMSV6 has a command execution vulnerability, which can be exploited by attackers to gain control of the server...

Security fix for the ALT Linux 9 package php7 version 7.3.30-alt1

7.3.30-alt1 built Sept. 16, 2021 Anton Farygin in task 284588 Sept. 3, 2021 Anton Farygin - 7.3.30 Fixes: CVE-2021-21704...

openSUSE 15 Security Update : php7-pear (openSUSE-SU-2021:1267-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1267-1 advisory. - Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issu...

openSUSE: Security Advisory for php7-pear (openSUSE-SU-2021:1267-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:1267-1 Security update for php7-pear

This update for php7-pear fixes the following issues: - CVE-2020-36193: Fixed ArchiveTar directory traversal due to inadequate checking of symbolic links bsc1189591. This update was imported from the SUSE:SLE-15-SP2:Update update project...

Security update for php7-pear (important)

openSUSE Security Update: Security update for php7-pear Announcement ID: openSUSE-SU-2021:1267-1 Rating: important References: 1189591 Cross-References: CVE-2020-36193 CVSS scores: CVE-2020-36193 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2020-36193 SUSE: 7.5...

openSUSE 15 Security Update : php7-pear (openSUSE-SU-2021:3018-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3018-1 advisory. - Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issu...