Astra Linux - уязвимость в c3p0

C3P0 versions less than 0.9.5.4 may be exploited by a “billion laughs attack” when loading XML configuration, due to the lack of protections against recursive entity expansion during the loading of configuration files...

Postprocessor IDE for SolidCAM 资源管理错误漏洞

Postprocessor IDE for SolidCAM is a GPPL language development support tool developed by Andrey Zorin. Versions of Postprocessor IDE for SolidCAM from 1.0.0 to 1.0.2 contained a resource management vulnerability. This vulnerability arose from the language server’s parsing of.vmid files in the same...

CLSA-2026-1776971672 php: Fix of 3 CVEs

CVE-2021-21707: fix NUL byte truncation in XML/DOM URI file loading - CVE-2022-31628: fix phar wrapper denial of service when loading compressed quine archives - CVE-2022-31629: discard HTTP variables that mangle into Host- or Secure- prefixes...

EUVD-2020-17608

Malware in sbrugna...

EUVD-2022-5643

Malicious code in bioql PyPI...

RLSA-2024:10952 Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing error check and insufficient random bytes in...

Moderate: Red Hat Security Advisory: php:7.4 security update

An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing error check and insufficient random bytes in...

ALSA-2024:10952 Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing error check and insufficient random bytes in...

RLSA-2024:0387 Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS vulnerability when parsing multipart request body CVE-2023-0662 php: Missing error check and insufficient random bytes...

php:8.1 security update

An update is available for php-pecl-zip, module.php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-xdebug3, php-pecl-rrd, module.php-pecl-rrd, module.php-pecl-zip, php-pecl-apcu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS vulnerability when parsing multipart request body CVE-2023-0662 php: Missing error check and insufficient random bytes...

Important: Red Hat Security Advisory: php:8.0 security update

An update for the php:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2023:5926 Important: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity without being enabled CVE-2023-3823 php: phar Buffer mismanagement CVE-2023-3824 php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS...

Important: php:8.0 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity without being enabled CVE-2023-3823 php: phar Buffer mismanagement CVE-2023-3824 php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS...

RHEL 9 : php (RHSA-2023:5926)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5926 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity witho...

SUSE-SU-2023:3528-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2023-3823: Fixed an issue with external entity loading in XML without enabling it. bsc1214106 - CVE-2023-3824: Fixed a buffer overflow in phardirread. bsc1214103...

GHSA-WV9C-PFPM-4WC5 Moodle CSRF Vulnerability

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey CSRF token was not being utilised by the XML loading/unloading admin tool...

krpano Panorama Viewer 跨站脚本漏洞

krpano Panorama Viewer is a software for viewing panorama files from the German company krpano. The software supports high-resolution images, interactive virtual roaming, custom-designed user interface, and other features. A cross-site scripting vulnerability exists in Krpano Panorama Viewer 1.20...

CVE-2019-10186

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey CSRF token was not being utilised by the XML loading/unloading admin tool...