30 matches found

OpenVAS
added 2022/01/28 12:0 a.m. | 33 views

Mageia: Security Advisory (MGASA-2014-0430)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.3 AI score | 0.55955 EPSS
Exploits 2 | References 9
RedhatCVE
added 2015/10/30 9:43 a.m. | 30 views

CVE-2007-3205

The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the...

5 CVSS | 7.4 AI score | 0.00998 EPSS
Exploits 0 | References 2
OpenVAS
added 2015/09/29 12:0 a.m. | 28 views

Gentoo Security Advisory GLSA 201412-10

Gentoo Linux Local Security Checks GLSA 201412-10 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5 CVSS | 7.7 AI score | 0.16769 EPSS
Exploits 11 | References 1
Gentoo Linux
added 2014/12/11 12:0 a.m. | 57 views

Multiple packages, Multiple vulnerabilities fixed in 2012

Background For more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild. Description Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. EGroupware VTE Layer Four...

7.5 CVSS | 7.6 AI score | 0.16769 EPSS
Exploits 11
Mageia
added 2014/10/28 11:33 a.m. | 54 views

Updated php packages fix security vulnerabilities

An integer overflow flaw in PHP's unserialize() function was reported. If unserialize() were used on untrusted data, this issue could lead to a crash or potentially information disclosure (CVE-2014-3669). A heap corruption issue was reported in PHP's exif_thumbnail() function. A specially-crafted JPEG ima...

7.5 CVSS | 8 AI score | 0.55955 EPSS
Exploits 2 | References 7
Kitploit
added 2014/09/09 2:11 a.m. | 14 views

PHP Secure Configuration Checker - Check current PHP configuration for potential security flaws

Among the most tedious tasks of PHP security testing is the check for insecure PHP configuration. As a successor of our PHP Security Poster, we have created a script to help system administrators as well as security professionals to assess the state of php.ini and related topics as quickly and as...

7.4 AI score
Exploits 0 | References 1
exploitpack
added 2013/02/20 12:0 a.m. | 21 views

CKEditor 4.0.1 - Multiple Vulnerabilities

CKEditor 4.0.1 - Multiple Vulnerabilities =========================================== Vulnerable Software: ckeditor 4.0.1 standard Download: http://download.cksource.com/CKEditor/CKEditor/CKEditor%204.0.1/ckeditor4.0.1standard.zip Vulns: Full Path Disclosure && XSS...

0.3 AI score
Exploits 0
CVE
added 2012/01/27 12:0 a.m. | 52 views

CVE-2012-0807

CVE-2012-0807 describes a stack-based buffer overflow in the suhosin_encrypt_single_cookie function of the Suhosin PHP extension (prior to 0.9.33) when suhosin.cookie.encrypt and suhosin.multiheader are enabled. An attacker could trigger the overflow by using a long string in a Set-Cookie header,...

5.1 CVSS | 7.9 AI score | 0.04812 EPSS
Exploits 1 | References 9 | Affected Software 1
securityvulns
added 2012/01/21 12:0 a.m. | 59 views

Advisory 01/2012: Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow Release Date: 2012/01/19 Last Modified: 2012/01/19 Author: Stefan Esser stefan.esseratsektioneins.de...

8.5 AI score
Exploits 0
Packet Storm
added 2012/01/19 12:0 a.m. | 25 views

Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow Release Date: 2012/01/19 Last Modified: 2012/01/19 Author: Stefan Esser stefan.esseratsektioneins.de...

0.5 AI score
Exploits 0
Typo3
added 2011/12/16 12:0 a.m. | 60 views

Remote Code Execution in TYPO3 Core

It has been discovered that TYPO3 Core is vulnerable to Remote Code Execution. Component Type: TYPO3 Core Affected Versions: 4.5.0 up to 4.5.8, 4.6.0 and 4.6.1 + development releases of 4.7 branch Vulnerability Types: Remote Code Execution Overall Severity: Critical Release Date: December 16, 201...

7.7 AI score
Exploits 0 | Affected Software 1
Tenable Nessus
added 2011/09/14 12:0 a.m. | 19 views

Fedora 16 : phpMyAdmin-3.4.4-1.fc16 (2011-11477)

Changes for 3.4.4.0 2011-08-24 : - parser SQL parser breaks AJAX requests if query has unclosed quotes - parser Invalid escape sequence in SQL parser - config $cfg['Export']['asfile'] set to false does not select as Text option - export Working SQL query exports error page - interface 'Create an inde...

4.3 CVSS | 5.6 AI score | 0.00604 EPSS
Exploits 1 | References 4
Tenable Nessus
added 2011/09/14 12:0 a.m. | 23 views

Fedora 15 : phpMyAdmin-3.4.4-1.fc15 (2011-11630)

Changes for 3.4.4.0 2011-08-24 : - parser SQL parser breaks AJAX requests if query has unclosed quotes - parser Invalid escape sequence in SQL parser - config $cfg['Export']['asfile'] set to false does not select as Text option - export Working SQL query exports error page - interface 'Create an inde...

4.3 CVSS | 5.6 AI score | 0.00604 EPSS
Exploits 1 | References 4
OpenVAS
added 2010/06/11 12:0 a.m. | 7 views

Mandriva Update for php MDVA-2010:163 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVA-2010:163 php Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

7.4 AI score
Exploits 0 | References 2
OpenVAS
added 2010/06/11 12:0 a.m. | 8 views

Mandriva Update for php MDVA-2010:163 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVA-2010:163 php Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

7.4 AI score
Exploits 0 | References 2
Tenable Nessus
added 2010/06/10 12:0 a.m. | 11 views

MDVA-2010:163 : php

This is a maintenance update that upgrades php to the latest upstream versions for CS4/MES5/2008.0/2009.0/2009.1/2010.0. Additionally some of the third party extensions and required dependencies has been upgraded. Corporate Server 4.0 with php-5.1.6 had the old Hardening-Patch 0.4.14 applied...

6.9 AI score
Exploits 0 | References 1
exploitpack
added 2010/05/05 12:0 a.m. | 45 views

PHP-Nuke 7.08.18.1.35 - Wormable Remote Code Execution

PHP-Nuke 7.08.18.1.35 - Wormable Remote Code Execution !/usr/bin/php ?php / Wormable Remote Code Execution in PHP-Nuke 7.0/8.1/8.1.35newist as of release Vendor's Website:http://phpnuke.org/ Secuirty Researcher: Michael Brooks https://sitewat.ch Original Advisory:...

7.5 CVSS | 0.1 AI score | 0.85909 EPSS
Exploits 11
Packet Storm
added 2010/05/05 12:0 a.m. | 119 views

PHP-Nuke 7.0 / 8.1 / 8.1.35 Wormable Remote Code Execution

!/usr/bin/php ?php / Wormable Remote Code Execution in PHP-Nuke 7.0/8.1/8.1.35newist as of release Vendor's Website:http://phpnuke.org/ Secuirty Researcher: Michael Brooks https://sitewat.ch Original Advisory: http://blog.sitewat.ch/2010/05/vulnerabilities-in-php-nuke.html Google hack: "Francisco...

7.5 CVSS | 0.1 AI score | 0.85909 EPSS
Exploits 11
seebug.org
added 2010/05/05 12:0 a.m. | 69 views

Wormable Remote Code Execution in PHP-Nuke 7.0/8.1/8.1.35

No description provided by source. !/usr/bin/php ?php / Wormable Remote Code Execution in PHP-Nuke 7.0/8.1/8.1.35newist as of release Vendor's Website:http://phpnuke.org/ Secuirty Researcher: Michael Brooks https://sitewat.ch Original Advisory:...

7.5 CVSS | 6.4 AI score | 0.85909 EPSS
Exploits 11
OpenVAS
added 2009/10/27 12:0 a.m. | 40 views

SLES10: Security update for PHP5

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...

7.5 CVSS | 0.2 AI score | 0.10087 EPSS
Exploits 2