CLSA-2026-1778769697 kernel: Fix of 31 CVEs

net: skbuff: propagate shared-frag marker through pskbcopy - HID: ignore non-functional sensor in HP 5MP Camera CVE-2025-21992 - net: fix crash when config small gsomaxsize/gsoipv4maxsize CVE-2024-50258 - ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow CVE-2024-53042 - ALSA:...

MiracleLinux 8 : php:8.0 (AXSA:2022-4405:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4405:01 advisory. php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php: Uninitialized array in pgqueryparams leading to RCE CVE-2022-31625...

EUVD-2006-2279

Malware in sbrugna...

DEBIAN-CVE-2023-53273

In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel assumes vmbus channel array to be allocated when called. However, in cases such as kdump/kexec, not all relids will be reset by the host. When th...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from uninitialized array access and could lead to a filename handling exception...

TencentOS Server 3: php:7.4 (TSSA-2022:0157)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0157 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

php: Uninitialized array in pg_query_params() leading to RCE

A vulnerability was found in PHP due to an uninitialized array in pgqueryparams function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw allows a remote...

php: Uninitialized array in pg_query_params() leading to RCE

A vulnerability was found in PHP due to an uninitialized array in pgqueryparams function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw allows a remote...

php:8.0 security, bug fix, and enhancement update

An update is available for php-pear, php-pecl-rrd, php, php-pecl-apcu, libzip, php-pecl-xdebug3, php-pecl-zip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PH...

RHEL 8 : php:7.4 (RHSA-2022:6158)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6158 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: uninitialized array in pgqueryparams leadi...

php: Uninitialized array in pg_query_params() leading to RCE

A vulnerability was found in PHP due to an uninitialized array in pgqueryparams function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw allows a remote...

Moderate: Red Hat Security Advisory: php:7.4 security update

An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RLSA-2022:6158 Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: uninitialized array in pgqueryparams leading to RCE CVE-2022-31625 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

php: Uninitialized array in pg_query_params() leading to RCE

A vulnerability was found in PHP due to an uninitialized array in pgqueryparams function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw allows a remote...

RHEL 7 : rh-php73-php (RHSA-2022:5491)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5491 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: password of excessive length...

CVE-2022-31625

A vulnerability was found in PHP due to an uninitialized array in pgqueryparams function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw allows a remote...

Remote Code Execution (RCE)

php is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of Uninitialized array in pgqueryparams allowing an attacker to inject maliciously crafted script into the system...

PHP < 7.4.30, 8.0.x < 8.0.20, 8.1.x < 8.1.7 Security Update (Jun 2022) - Linux

PHP released new versions which include a security fix. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

Claroline 1.7.7 - Arbitrary File Inclusion

Claroline 1.7.7 - Arbitrary File Inclusion Claroline Arbitrary File Inclusion Vendor: Claroline Product: Claroline Version: 0 $uidReset = true; $clarologinSucceeded = true; break; e...

Adobe Reader 10.1.4 JP2KLib&CoolType Crash PoC

No description provided by source. Title : Adobe Reader 10.1.4 JP2KLib&CoolType WriteAV Vulnerability Version : 10.1.4.38 Date : 2012-11-20 Vendor : http://www.adobe.com/ Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Author : coolkaveh...