14 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-3247
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, 8.2. before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for...
Linux Distros Unpatched Vulnerability : CVE-2024-8927
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, HTTPREDIRECTSTATUS variable is used to check whether or not CGI binary is being run ...
Linux Distros Unpatched Vulnerability : CVE-2024-5458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs...
Linux Distros Unpatched Vulnerability : CVE-2024-11234
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, when using streams with configured proxy and requestfulluri option, the URI is not...
Linux Distros Unpatched Vulnerability : CVE-2016-4537
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument,...
Linux Distros Unpatched Vulnerability : CVE-2015-7803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The phargetentrydata function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service NULL pointer...
Linux Distros Unpatched Vulnerability : CVE-2016-10162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The phpwddxpopelement function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service NULL...
Linux Distros Unpatched Vulnerability : CVE-2015-8873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack consumption vulnerability in Zend/zendexceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a...
Linux Distros Unpatched Vulnerability : CVE-2019-11045
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as...
Linux Distros Unpatched Vulnerability : CVE-2015-4598
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or...
Linux Distros Unpatched Vulnerability : CVE-2018-5712
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error pag...
Linux Distros Unpatched Vulnerability : CVE-2016-6295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection,...
Linux Distros Unpatched Vulnerability : CVE-2017-8923
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The zendstringextend function in Zend/zendstring.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allow...
DEBIAN-CVE-2023-0662
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...